The UK Labour Party has been impacted by a data breach for the second time in a year.
Instead of targeting the Labour Party directly, cyber attackers compromised a third-party vendor with access to the party’s sensitive member data - a type of cyber attack known as a third-party breach.
According to the Labour Party’s official breach statement, on the 29th of October, the party’s third-party provider lost access to a significant portion of member data following a cyber incident.
“The third party told us that the incident had resulted in a significant quantity of Party data being rendered inaccessible on their systems,” the UK Labour Party said in its statement.
This style of attack is characteristic of a ransomware attack, where a victim’s critical internal processes are taken hostage and only released if a ransom is paid.
Sources familiar with the incident told Sky News that the incident was indeed a ransomware attack, but this is yet to be confirmed.
The depth of data compromise is still unclear, but it has damaging potential.
The compromised third party, which at this stage is unidentified, had access to the financial information of paying members, and even former party members received a notification that their data may have been compromised.
This could out the UK Labour Party for storing member data longer than required - behavior that’s contrary to the UK GDPR’s data retention guidelines.
Last year, the Labour Party’s third-party vendor, Blackbaud, also fell victim to a ransomware attack. If this event, like the Blackbaud event, proves not to be politically motivated, it’s an indication of the critical prevalence of both ransomware attacks and the vulnerabilities that make them possible.