LOGO

UK Labour Party Data Breach: Members' Data Compromised

November 4, 2021
Topics:blackbaudcomputer securitycyberattackcybercrimeCyberwarfaredata breachinformation commissioner’s officeLabour PartyNational Cyber Security CentreransomwareSecuritysecuritysecurity breachesspokespersonTwitterUnited Kingdom
UK Labour Party Data Breach: Members' Data Compromised

Labour Party Confirms Data Breach Affecting Members

The U.K.’s Labour Party has acknowledged a cyberattack targeting a third-party provider, resulting in a compromise of member data.

Incident Notification and Initial Findings

On October 29th, Labour was notified of a “cyber incident” by a third-party data processor. This notification prompted an immediate internal review.

Currently, details surrounding the event are limited. However, it has been determined that a substantial amount of party data became inaccessible on the supplier’s systems.

Ransomware Attack Suspected

Sources indicate the incident may be a ransomware attack directed at Labour’s third-party supplier. The party has not yet officially confirmed this assessment, but further investigation is ongoing.

Scope of the Data Breach

The full extent of the breach remains unclear, and the specific data compromised is still being determined.

The affected data encompasses information provided by members, registered supporters, and other individuals who have shared their details with the party.

Impact on Former and Non-Members

The incident appears to have impacted individuals beyond current party membership.

Reports have surfaced from former members, even those who left the party years ago, receiving data breach notifications.

Additionally, some individuals who have never been Labour Party members, but contributed financially through affiliated unions, have also reported being affected.

Party Response and Investigations

Labour has approximately 430,000 members. An investigation into the incident is currently underway.

The party has also informed relevant authorities, including the National Crime Agency (NCA), the National Cyber Security Centre, and the Information Commissioner’s Office (ICO).

Statements from Authorities

The NCA has confirmed it is leading a criminal investigation into the cyber incident.

A spokesperson stated they are collaborating with partners to mitigate risks and evaluate the incident’s nature.

The ICO, which recently advocated for improved data protection within U.K. political parties, has also initiated inquiries.

Ongoing Collaboration and System Integrity

Labour is working closely with the third-party supplier to urgently investigate the incident’s full scope and impact.

The party has emphasized that its own data systems were not directly affected by the attack.

Previous Incident

This is not the first time the Labour Party has faced a data security challenge.

Last year, members were alerted to a data compromise involving company Blackbaud, which was also the target of a ransomware attack. At that time, donor information spanning several years was believed to have been exposed.

#UK Labour Party#data breach#cyberattack#data security#Labour members#political cybersecurity

Related Posts

NHS England Data Breach Confirmed by Tech Provider

NHS England Data Breach Confirmed by Tech Provider

Cisco Zero-Day Exploit: Chinese Hackers Targeting Customers

Cisco Zero-Day Exploit: Chinese Hackers Targeting Customers

Pornhub Hacked: User Data Extorted by Hacking Group

Pornhub Hacked: User Data Extorted by Hacking Group

Google and Apple Release Emergency Security Updates

Google and Apple Release Emergency Security Updates

700credit Data Breach: 5.6 Million Affected

700credit Data Breach: 5.6 Million Affected

Home Depot Data Breach: Internal Systems Exposed for a Year

Home Depot Data Breach: Internal Systems Exposed for a Year