MPs' addresses & phone numbers stolen in cyberattack – reports
Labour politicians’ home addresses and personal phone numbers were reportedly stolen during a “cyber incident” affecting the party’s IT provider – sparking personal security fears in the aftermath of Tory MP David Amess’ murder.
The Labour Party confirmed on Thursday that a “significant quantity” of its data had been “rendered inaccessible” following a recent cyberattack on the unnamed third-party firm’s systems.
While its “full scope and impact” was not known, the information apparently included lists of party members and registered and affiliated supporters, among others.
In an email to MPs, Alison Giles, the director of parliamentary security, reportedly said the affected data likely included the “full address details” and acknowledged the parliamentarians’ concerns over the breach, “particularly in the light of recent events.”
The email, seen by The Times, urged recipients to “review the data you have provided” and said it was not yet clear whether the data had been made public.
Giles did not rule out the possibility that the information “may be released to third parties at a future date.”
Labour MPs were told to report any suspicious email activity and instructed to contact security staff if they had given the party an address which is not public.
The party’s own systems were not thought to be affected by the attack.
The National Crime Agency (NCA), National Cyber Security Centre (NCSC), and Information Commissioner's Office (ICO) have begun a criminal investigation – and a Labour spokesperson said the party had engaged third-party experts and was working on an “urgent basis” to determine the effect of the breach.
The NCSC called on potential victims to be “especially vigilant against suspicious emails, phone calls or text messages.”
In August 2020, another Labour Party supplier, Blackbaud, was hacked, with the cyberattackers stealing personal data such as names, email addresses, telephone numbers, and details of annual donations. The company later paid a ransom demand with the assurance that the stolen data would be erased.
After MPs voiced concerns following the murder of MP David Amess last month, UK Home Secretary Priti Patel launched a safety review and said a “trained and accredited security operative” would accompany them during constituency meetings.
While its “full scope and impact” was not known, the information apparently included lists of party members and registered and affiliated supporters, among others.
In an email to MPs, Alison Giles, the director of parliamentary security, reportedly said the affected data likely included the “full address details” and acknowledged the parliamentarians’ concerns over the breach, “particularly in the light of recent events.”
The email, seen by The Times, urged recipients to “review the data you have provided” and said it was not yet clear whether the data had been made public.
Giles did not rule out the possibility that the information “may be released to third parties at a future date.”
Labour MPs were told to report any suspicious email activity and instructed to contact security staff if they had given the party an address which is not public.
The party’s own systems were not thought to be affected by the attack.
The National Crime Agency (NCA), National Cyber Security Centre (NCSC), and Information Commissioner's Office (ICO) have begun a criminal investigation – and a Labour spokesperson said the party had engaged third-party experts and was working on an “urgent basis” to determine the effect of the breach.
The NCSC called on potential victims to be “especially vigilant against suspicious emails, phone calls or text messages.”
In August 2020, another Labour Party supplier, Blackbaud, was hacked, with the cyberattackers stealing personal data such as names, email addresses, telephone numbers, and details of annual donations. The company later paid a ransom demand with the assurance that the stolen data would be erased.
After MPs voiced concerns following the murder of MP David Amess last month, UK Home Secretary Priti Patel launched a safety review and said a “trained and accredited security operative” would accompany them during constituency meetings.