The Labour Party has fallen victim to a third-party data breach, according to an email to its members.

The Party was informed about a breach by the unnamed IT supplier involved in the incident on 29 October 2021.

The incident “resulted in a significant quantity of Party data being rendered inaccessible on their systems.”

The Party said it immediately engaged third-party experts and reported the incident to the relevant authorities, including the National Crime Agency (NCA), National Cyber Security Centre (NCSC), and the Information Commissioner’s Office (ICO).

Labour said that the data includes information provided to the Party by its members, registered, and affiliated supporters, and other individuals who have provided their information to the Party.

According to the Party, the full scope and impact of the incident is being urgently investigated.

Labour emphasised that its own data systems were unaffected by the attack.

Third-party incidents are a common way in which cyberattacks can hurt organisations.

Cybersecurity incidents impacting businesses through suppliers that they share data with are getting worse, according to Russian cybersecurity firm Kaspersky.

The average financial impact of such an event for an enterprise reached $1.4 million globally in 2021 according to the firm.

Share Story: