LABOUR has suffered a “significant” cyber breach of its membership database, the party revealed today.
Security experts are investigating after an IT firm which handles data on Labour’s behalf was compromised.
The full scale of the incident is being investigated but Labour’s own data systems were unaffected.
A Labour spokesman said the party was informed of the incident on October 29 by the IT firm, which it has not named.
“The third party told us that the incident had resulted in a significant quantity of party data being rendered inaccessible on their systems,” the spokesman said.
“As soon as the party was notified of these matters, we engaged third-party experts and the incident was immediately reported to the relevant authorities.”
Labour is “working closely and on an urgent basis” with the IT firm in order to understand the full nature, circumstances and impact of the incident.
“We understand that the data includes information provided to the party by its members, registered and affiliated supporters, and other individuals who have provided their information to the party,” the Labour spokesman said.
The party urged members and supporters who may have been affected to take extra precautions online, in line with NCSC guidance.
A NCSC spokesman said: “We are aware of this issue and are working with the Labour Party to fully investigate and mitigate any potential impact.
“We would urge anyone who thinks they may have been the victim of a data breach to be especially vigilant against suspicious emails, phone calls or text messages and to follow the steps set out in our data breaches guidance.
“The NCSC is committed to helping organisations manage their cyber security and publishes advice and guidance on the NCSC website.”
