Labour insists cyber attack did not cause data breach
The FT’s Jim Pickard and Sebastian Payne report:
Britain’s Labour party experienced a “sophisticated and large-scale cyber-attack” on its digital platforms on Monday, it has revealed.
The party said it was confident that its security systems ensured there had been no data breach but said it had reported the attack to the National Cyber Security Centre.
“We have experienced a sophisticated and large-scale cyber-attack on Labour digital platforms. We took swift action and these attempts failed due to our robust security systems. The integrity of all our platforms was maintained and we are confident that no data breach occurred,” a spokeswoman said on Tuesday.
“Our security procedures have slowed down some of our campaign activities, but these were restored this morning and we are back up to full speed. We have reported the matter to the National Cyber Security Centre.”
Although the party has not said which digital platforms were targeted it is thought that some involved election tools which could contain details about voters.
Niall Sookoo, Labour’s executive director of elections, wrote to campaigners to explain why systems were working slowly on Monday.
“Yesterday afternoon our security systems identified that, in a very short period of time, there were large-scale and sophisticated attacks on Labour Party platforms which had the intention of taking our systems entirely offline,” he wrote.
“I would I like to pay tribute to all the teams at Labour HQ who identified this risk and acted quickly to protect us.”
Separately The Times revealed on Tuesday that Labour had published the names of people who had donated through its website in what could – according to experts – be a breach of the European Union’s General Data Protection Regulation (GDPR) rules.
Labour removed the information from its website after being alerted by journalists.
