Members told of “cyber incident” on third party handling Labour data

Sienna Rodgers

Labour has informed its members by email this afternoon of a “cyber incident” on an unnamed third party that handles data on behalf of the party, which resulted in a “significant quantity of party data being rendered inaccessible on their systems”.

The party has said it was informed of the incident on October 29th, and this was immediately reported to the relevant authorities, including the National Crime Agency (NCA), National Cyber Security Centre (NCSC) and the Information Commissioner’s Office (ICO).

In a statement, Labour said it is “working closely and on an urgent basis with the third party in order to understand the full nature, circumstances and impact of the incident”. It added: “The party’s own data systems were unaffected by this incident.”

The data includes information provided to Labour by members, registered and affiliated supporters, and others, the party revealed, adding: “The full scope and impact of the incident is being urgently investigated.”

“The party takes the security of all personal information for which it is responsible very seriously. It is doing everything within its power to investigate and address this incident in close liaison with law enforcement, the Information Commissioner’s Office and the affected third party,” Labour said.

Labour has advised members to be vigilant about suspicious communications, forward suspicious emails to [email protected] and implement two-factor authentication to protect online accounts, as such cyber incidents are “becoming increasingly common”.

It was confirmed to LabourList that Labour’s membership website – https://labourmembership.com – has been down in recent days because of the cyber incident.

LabourList has been told that Labour is working to establish what kind of actor was responsible for the cyber incident on the third party. It is unclear so far whether it was a hostile actor or an incident unrelated to political motivations.

The Labour Party itself was hit by two cyber-attacks during the 2019 general election campaign, in the form of DDoS (distributed denial-of-service) attacks. No data breach occurred in that instance and Cloudflare protected the party website.


Update, 3.45pm: Former party members have told LabourList they have been contacted about the incident today, despite having quit Labour many months ago. LabourList has asked the party whether this means they have been affected by it.


Below is the full text of the email sent by the Labour Party to members.

Dear Sir / Madam,

We are writing to you to let you know that a third party that handles data on our behalf has been subject to a cyber incident. While the Party’s investigation remains ongoing, we wanted to make you aware of this incident and the measures which we have taken in response. We have also provided details of precautionary steps you may consider taking to help protect yourself.

What happened?

On 29 October 2021, we were informed of the cyber incident by the third party. The third party told us that the incident had resulted in a significant quantity of Party data being rendered inaccessible on their systems. As soon as the Party was notified of these matters, we engaged third-party experts and the incident was immediately reported to the relevant authorities, including the National Crime Agency (NCA), National Cyber Security Centre (NCSC) and the Information Commissioner’s Office (ICO). The Party continues to work closely with each of these authorities. The Party is also working closely and on an urgent basis with the third party in order to understand the full nature, circumstances and impact of the incident. The Party’s own data systems were unaffected by this incident.

What information was involved?

We understand that the data includes information provided to the Party by its members, registered and affiliated supporters, and other individuals who have provided their information to the Party. The full scope and impact of the incident is being urgently investigated.

What are the Labour Party doing?

The Party takes the security of all personal information for which it is responsible very seriously. It is doing everything within its power to investigate and address this incident in close liaison with law enforcement, the Information Commissioner’s Office and the affected third party.

What you can do

With incidents of this nature becoming increasingly common, it is more important than ever to remain vigilant against suspicious activity. As an immediate precaution, and in line with National Cyber Security Centre guidance, we recommend you take the following steps to protect yourself:

For more information

If you have any questions or queries in relation to this incident, please direct them to [email protected]. We will also provide updates on our website in respect of this incident in line with guidance received from relevant law enforcement authorities.

Kind regards,

The Labour Party

Everything Labour.
Every weekday morning.

By clicking ‘subscribe’ you confirm you have read and agree to our privacy policy

More from LabourList

Donate to fund our journalism

or

Subscribe to our Daily Email