UK Labor accuses member data breach of third-party cyberattack – TechCrunch

The UK Labor Party has confirmed that a cyberattack on a third-party company has resulted in its members’ data being compromised.

In an email sent to all party members and posted on its website, Labor said it was informed of a “computer incident” by an anonymous third-party data processor on October 29.

Details remain slim, but Labor said the incident had “left a significant amount of the parties’ data on their systems inaccessible.” A person responding to the incident told Sky News that it was a ransomware attack against Labor’s third-party vendor. Work has yet to confirm this, and TechCrunch has requested more.

The extent of the breach is also unclear, and it is not yet clear what data was compromised. The Labor Party, which has financial information on paying members, said the data concerned “includes information provided to the party by its members, registered supporters and affiliates, and others who have provided their information.”

However, it appears that a number of alumni and non-members were also affected by the incident. A Twitter user complaints they received the data breach notification despite quitting the party in 2009, while others noted they also received the email even though they had never been a party member. Some say they are affected by the data breach even though they are not members of the Labor Party but have paid the political fees as a member of an affiliated union at work.

The Labor Party has around 430,000 members. The party’s statement indicates that its investigation is ongoing. He also informed the National Crime Agency (NCA), the National Cyber ​​Security Center, and informed the Office of the Information Commissioner (ICO).

A spokesperson for the NCA said: “The NCA is leading the criminal investigation into a cyber incident impacting the Labor Party. We are working closely with partners to mitigate any potential risk and assess the nature of this incident. The ICO – which recently urged British political parties to improve data protection practices – also confirmed that it was actively investigating the incident.

Labor said it was also working closely with the unidentified third-party supplier to “urgently investigate” the nature, circumstances and impact of the incident. He stressed that his own data systems had not been affected by the attack.

The incident is not the first time the Labor Party has been affected by ransomware. Last year, the party alerted its members that data stored by the Blackbaud company had been compromised in a ransomware attack. At the time, the party said it believed information on donor information over a period of several years had been compromised.

Leave a Comment