The Labour Party has said that it has been hit by a “cyber incident”, meaning that a “significant quantity” of its members’ data became inaccessible.
The impact of the incident, which affected an external supplier, is not yet clear. Labour is urgently investigating if the data had been hacked as well as notifying police and cyber security specialists and regulators.
As of right now, there is not enough information available to ascertain whether the party was a specific target or simply incidentally affected. Cyber security experts believe that the attack had hallmarks of a ransomware attack, which is when hackers, often coming from Russia, seize and crypt data and then demand money to restore access.
The Labour Party emailed members saying, “We are writing to you to let you know that a third party that handles data on our behalf has been subject to a cyber incident. The third party told us that the incident had resulted in a significant quantity of party data being rendered inaccessible on their systems.”
According to them, the data affected “includes information provided to the party by its members, registered and affiliated supporters, and other individuals who have provided their information.” They are currently and urgently investigating the full impact of the incident.
Labour has said that it has already been in contact with the National Crime Agency, National Cyber Security Centre and the Information Commissioner’s Office. The NCSC said that anybody “who thinks they may have been the victim of a data breach to be especially vigilant against suspicious emails, phone calls or text messages.”Meanwhile, a spokesperson Of the NCA confirmed that they were leading the criminal investigation and that the enquiry was at an early stage, saying “We are working closely with partners to mitigate any potential risk and assess the nature of this incident.”
This is not the first time that Labour has been impacted by a cyber breach. Sometime last year between February and May donor information was stolen by a cybercriminal. Information including names, email addresses, phone numbers and sums donated was taken from a third-party provider called Blackbaud, who provided a customer management system for Labour. The company told Labour that the ransom had been paid and that they had received assurances that the data was resultingly destroyed.
Labour’s response to the breach has been vague and leaves many questions unanswered. IT teams will almost definitely be in crisis mode and frantically attempting to work out the extent of the hack, hopefully they will soon be able to provide answers.