The UK’s Labour Party, the official opposition to the country’s ruling Conservatives, has suffered a humiliating data breach.
Members of the party were sent notice of the issue mid-afternoon UK time, which confirmed a “third party that handles data on our behalf has been subject to a cyber incident”. The email continues:
“On 29 October 2021, we were informed of the cyber incident by the third party. The third party told us that the incident had resulted in a significant quantity of Party data being rendered inaccessible on their systems,” the statement, headlined “Private and Confidential”, said.
We have asked the Labour party if it was ransomware and if so, if a ransom demand has been made.
The statement continued:
Labour said the compromised data includes information provided to the Party by its members, registered and affiliated supporters, and other individuals who have provided their information to the Party.
“The full scope and impact of the incident is being urgently investigated,” it said.
Labour Party news website LabourList said that membership website – https://labourmembership.com – had been pulled offline in recent days because of the cyber “incident.”
The website was still unreachable at the time of publication.
The party has been targeted before.
In 2019, its campaign site was hit by a “sophisticated and large-scale cyber-attack”. A spokeswoman said at the time: “We have experienced a sophisticated and large-scale cyber-attack on Labour digital platforms. We took swift action and these attempts failed due to our robust security systems. The integrity of all our platforms was maintained and we are confident that no data breach occurred.”
Last year, the Party was also caught up in the attack on cloud CRM provider Blackbaud.
An NCSC spokesperson said:
“We are aware of this issue and are working with the Labour Party to fully investigate and mitigate any potential impact.
“We would urge anyone who thinks they may have been the victim of a data breach to be especially vigilant against suspicious emails, phone calls or text messages and to follow the steps set out in our data breaches guidance.” ®
*Total Inability To Support Underdogs in Politics