Labour has informed its members by email this afternoon of a “cyber incident” on an unnamed third party that handles data on behalf of the party, which resulted in a “significant quantity of party data being rendered inaccessible on their systems”.
The party has said it was informed of the incident on October 29th, and this was immediately reported to the relevant authorities, including the National Crime Agency (NCA), National Cyber Security Centre (NCSC) and the Information Commissioner’s Office (ICO).
In a statement, Labour said it is “working closely and on an urgent basis with the third party in order to understand the full nature, circumstances and impact of the incident”. It added: “The party’s own data systems were unaffected by this incident.”
The data includes information provided to Labour by members, registered and affiliated supporters, and others, the party revealed, adding: “The full scope and impact of the incident is being urgently investigated.”
“The party takes the security of all personal information for which it is responsible very seriously. It is doing everything within its power to investigate and address this incident in close liaison with law enforcement, the Information Commissioner’s Office and the affected third party,” Labour said.
Labour has advised members to be vigilant about suspicious communications, forward suspicious emails to [email protected] and implement two-factor authentication to protect online accounts, as such cyber incidents are “becoming increasingly common”.
It was confirmed to LabourList that Labour’s membership website – https://labourmembership.com – has been down in recent days because of the cyber incident.
LabourList has been told that Labour is working to establish what kind of actor was responsible for the cyber incident on the third party. It is unclear so far whether it was a hostile actor or an incident unrelated to political motivations.
The Labour Party itself was hit by two cyber-attacks during the 2019 general election campaign, in the form of DDoS (distributed denial-of-service) attacks. No data breach occurred in that instance and Cloudflare protected the party website.
Update, 3.45pm: Former party members have told LabourList they have been contacted about the incident today, despite having quit Labour many months ago. LabourList has asked the party whether this means they have been affected by it.
Below is the full text of the email sent by the Labour Party to members.
Dear Sir / Madam,
We are writing to you to let you know that a third party that handles data on our behalf has been subject to a cyber incident. While the Party’s investigation remains ongoing, we wanted to make you aware of this incident and the measures which we have taken in response. We have also provided details of precautionary steps you may consider taking to help protect yourself.
What happened?
On 29 October 2021, we were informed of the cyber incident by the third party. The third party told us that the incident had resulted in a significant quantity of Party data being rendered inaccessible on their systems. As soon as the Party was notified of these matters, we engaged third-party experts and the incident was immediately reported to the relevant authorities, including the National Crime Agency (NCA), National Cyber Security Centre (NCSC) and the Information Commissioner’s Office (ICO). The Party continues to work closely with each of these authorities. The Party is also working closely and on an urgent basis with the third party in order to understand the full nature, circumstances and impact of the incident. The Party’s own data systems were unaffected by this incident.
What information was involved?
We understand that the data includes information provided to the Party by its members, registered and affiliated supporters, and other individuals who have provided their information to the Party. The full scope and impact of the incident is being urgently investigated.
What are the Labour Party doing?
The Party takes the security of all personal information for which it is responsible very seriously. It is doing everything within its power to investigate and address this incident in close liaison with law enforcement, the Information Commissioner’s Office and the affected third party.
What you can do
With incidents of this nature becoming increasingly common, it is more important than ever to remain vigilant against suspicious activity. As an immediate precaution, and in line with National Cyber Security Centre guidance, we recommend you take the following steps to protect yourself:
- Be especially vigilant against suspicious activity, including suspicious emails, phone calls or text messages. The National Cyber Security Centre has published advice regarding suspicious emails on its website: https://ncsc.gov.uk/guidance/suspicious-email-actions
- If you have received an email which you’re not quite sure about, forward it to the Suspicious Email Reporting Service (SERS) via [email protected].
- You can also implement two-factor authentication (2FA) where possible to protect your online accounts from unauthorised access as described in the following publication on the National Cyber Security Centre’s website: https://www.ncsc.gov.uk/guidance/setting-two-factor-authentication-2fa
- Additional guidance about what to watch out for online can be found here: https://www.ncsc.gov.uk/guidance/data-breaches
For more information
If you have any questions or queries in relation to this incident, please direct them to [email protected]. We will also provide updates on our website in respect of this incident in line with guidance received from relevant law enforcement authorities.
Kind regards,
The Labour Party