Labour Party members’ data hit by cyber incident
The Labour Party has been affected by a “cyber incident” involving its members’ data resulting in “a significant quantity” of party data “rendered inaccessible on their systems”.
Labour said it was told on 29 October that it had been affected by the event by a third party firm that handled membership data on its behalf.
The Information Commissioner’s Office and National Cyber Security Centre are both looking into the incident.
In a statement, Labour said it was working closely with the two authorities, as well as the National Crime Agency, to find out what had happened.
The party also said it was “working closely and on an urgent basis with the third party in order to understand the full nature, circumstances and impact of the incident”, but that its own data systems were unaffected.
Labour has yet to reveal who the third party is, the scale of the incident or what type of data was affected.
But it did say the incident involved information provided to the party by its “members, registered and affiliated supporters, and other individuals who have provided their information”.
Commenting on the leak Mike Campfield, VP of EMEA Operations, ExtraHop, said: “The Labour party’s supply chain attack has left the party warning members’ their data, stored by a third party supplier, may have been breached. This tactic is quickly becoming a firm favourite among bad actors, with this being the third critical supply chain attack on record this year.
Organisations are more and more reliant on external entities for services, but if third party suppliers have little to no ability to defend against these attacks, organisations have no chance of protecting themselves. Knowing your suppliers to assess and understand blind spots is vital to fighting against these looming threats. If just one supplier’s security processes trails behind the rest, it quickly becomes the weakest link and therefore most attractive entry point for bad actors.
Zero trust frameworks, which assume you can’t trust anyone, are being adopted to fight supply chain attacks. However, this isn’t enough to keep bad actors out. Businesses need visibility to understand how to identify if anything is lurking on their IT network. When organisations have complex supply chains, they need visibility across all customers to protect against any threats. It’s a must to be able to see activity, including any files going into or leaving their IT environment, even in an encryption event, that can be identified to know the extent of potential damage.”