Labour hit by ‘cyber incident’ affecting members’ data

Labour has said it has been hit by a “cyber incident” that meant that a “significant quantity” of members’ and supporters’ data became inaccessible.

The party said the impact of the incident, affecting an external supplier, was not yet clear and it was urgently investigating whether the data had been hacked. Police, cybersecurity specialists and regulators had been notified, it added.

It is understood that it is unclear at this stage whether the party was specifically targeted, as opposed to merely being incidentally affected.

Cybersecurity experts said it appeared to have the hallmarks of a ransomware attack, where hackers, often from Russia, demand money to restore access to data that has been seized and encrypted.

“We are writing to you to let you know that a third party that handles data on our behalf has been subject to a cyber incident,” Labour said in an email to supporters and members. “The third party told us that the incident had resulted in a significant quantity of party data being rendered inaccessible on their systems.”

Labour said the data affected “includes information provided to the party by its members, registered and affiliated supporters, and other individuals who have provided their information.” The “full scope and impact” of the incident was being “urgently investigated”.

The party, which has about 430,000 members, routinely holds addresses, emails and other contact information for members, as well as some basic financial information such as direct debit details.

Labour said it had already been in contact with the National Crime Agency, National Cyber Security Centre (NCSC), a division of GCHQ, and the Information Commissioner’s Office, which regulates the handling of personal information.

NCSC said it was aware of the issue and was assisting Labour. It said anybody “who thinks they may have been the victim of a data breach to be especially vigilant against suspicious emails, phone calls or text messages.”

The NCA confirmed it was leading the criminal investigation and said its inquiries were at an early stage. “We are working closely with partners to mitigate any potential risk and assess the nature of this incident,” a spokesperson said.

It is not the first time Labour has been affected by a cyber incident. Last year it said donor information had been stolen by a cybercriminal from a third-party provider called Blackbaud some time between February and May. Information stolen included names, email addresses, phone numbers and sums donated.

Blackbaud, which provided a customer management system for the party, told Labour it had paid the ransom demanded by the cybercriminal and the company had received assurances that the data was destroyed as a result.




, , , ,

Comments are closed.