Labour ‘cyber incident’ exposes the party’s own Data Protection breaches
The Labour Party has informed This Writer – and many others, it seems – that my data may have been hijacked after it was given to a “third party”.
This is very concerning for several reasons:
Firstly: I am no longer a member of the Labour Party and it should not be holding any information of mine, for any reason at all.
Secondly: I have not given permission for any data held by me to be passed on to any third party, and it is illegal for the Labour Party to have done so.
Next: The Labour Party has not passed on details of the identity of this mysterious third party. Why not? Is it embarrassing? Is it potentially incriminating? I want to know, and I reckon thousands of others will want to know as well.
Finally: Why am I hearing about this on November 4, possibly an entire week after the incident took place – and a day after many other victims were informed? Why were we not all informed at once?
According to Labour’s letter to affected people (which the party is apparently asking us not to share, although that part seems to have been cut from mine), party officers were informed of the incident on October 29.
This implies that the data was hijacked on a still earlier date, meaning that we went uninformed that our illegally-held data had been held by wrong-doers for a longer time than Labour suggests and that we have been vulnerable to cyber crime for all of that period without even knowing about it.
The crime itself seems to be a ransomware incident in which data is rendered inaccessible to a user unless it pays the hijacker some form of remuneration. If such payment is refused, the hijacker may go on to use the stolen data to harm the people to whom it belongs. Labour doesn’t mention this in its email.
Nor are we informed of the nature of the data that was stolen. It may include personal information that could be used for identity theft or blackmail, and/or financial information that could result in plain theft from our bank accounts. We don’t know because Labour hasn’t told us.
The email goes on to say that Labour has reported the incident to authorities including the National Crime Agency (NCA), National Cyber Security Centre (NCSC) and the Information Commissioner’s Office (ICO). No doubt those organisations are busy doing very little about it (I have experience of the ICO’s dawdling with regard to Labour Party data breaches; it says it has received so many reports about the party that it is swamped).
And we are told that the Labour Party “takes the security of all personal information for which it is responsible very seriously”, which seems plainly untrue, considering the fact that it should not have had any of my personal information at all.
Members – old and current – are up in arms about this:
Labour was in possession of data that should have been deleted years ago.
It is possible to confirm this because tonight they are emailing old email accounts long discarded by members who left years ago.
That on its own poses and exceptionally serious legal question.
— Tory Fibs (@ToryFibs) November 3, 2021
Given I resigned from @UKLabour over a year ago via the correct process I'm angry to receive an email from [email protected] telling me my data may have been breached
The fact Labour *still* had my info on file is surely a data breach in itself
— Mrs Gee #TransformPolitics 💚🇵🇸🍉 (@earthygirl011) November 3, 2021
i got one too BUT truth is they’ve been leaking my data for YEARS. i complained to ICO who said they had received so many complaints about Labour they were snowed under AND theyn they employ an allegedly ex Mossad spy to oversee Members!!!! these mother f***ers!! https://t.co/6WOKNTs6rR
— Jackie Walker – HRH, MP, MBE, ABC (@Jackiew80333500) November 3, 2021
Just received an email from the Labour Party telling me they have been hacked and that my data has been compromised. I left the Labour Party a year ago. Are they allowed to hang onto my data without my permission?
— David Booth (@dbooth3) November 3, 2021
I’ve just had the email informing me of this data breach but very little detail of what information was leaked or who the third party provider was. #labourdataleak2021 @PeterStefanovi2 @MidWalesMike
— Aaron Marshall (@mnet_stratford) November 3, 2021
If the @UKLabour Party need to retain my data- despite expelling me- for future reference, ok, but why have they given it to a “third party”?
It is the Labour Party I was a member of & the Labour Party which I was expelled from.
Who is this “third party”. We need to know asap.
— James Foster (@JamesEFoster) November 3, 2021
We do need to know the identity of the “third party”. For one thing, it might be an organisation we would not want to have any of our information at all.
Skwawkbox has pointed out that
Labour has outsourced projects recently to one company formerly run by Evans and now run by his wife and another run by a ‘friend of a friend’.
I would also be concerned if my information had been handed to the Jewish Labour Movement, the organisation Labour has said it would task with providing training to members on the nature of anti-Semitism and indoctrination against it.
That organisation is highly prejudiced, in the experience and opinion of This Writer, and I would not trust it with my personal details in any event.
One final point: Labour Party members may have no choice on who receives their information because party secretary David Evans and the leadership helmed by Keir Starmer demand that they automatically agree to everything the party does with it, as a condition of membership.
But I am no longer a member.
I think a class action lawsuit on this case may be appropriate, don’t you?
I would certainly be interested in hearing from anybody who feels the same way and is interested in taking the matter forward (although I would not want to be the principal claimant as I am already involved in a highly time-consuming court case, as is well known).
Who’s interested?
Have YOU donated to my crowdfunding appeal, raising funds to fight false libel claims by TV celebrities who should know better? These court cases cost a lot of money so every penny will help ensure that wealth doesn’t beat justice.
Vox Political needs your help!
If you want to support this site
(but don’t want to give your money to advertisers)
you can make a one-off donation here:
Here are four ways to be sure you’re among the first to know what’s going on.
1) Register with us by clicking on ‘Subscribe’ (in the left margin). You can then receive notifications of every new article that is posted here.
2) Follow VP on Twitter @VoxPolitical
3) Like the Facebook page at https://www.facebook.com/VoxPolitical/
Join the Vox Political Facebook page.
4) You could even make Vox Political your homepage at http://voxpoliticalonline.com
And do share with your family and friends – so they don’t miss out!
If you have appreciated this article, don’t forget to share it using the buttons at the bottom of this page. Politics is about everybody – so let’s try to get everybody involved!
Buy Vox Political books so we can continue
fighting for the facts.
The Livingstone Presumption is now available
in either print or eBook format here:
Health Warning: Government! is now available
in either print or eBook format here:
The first collection, Strong Words and Hard Times,
is still available in either print or eBook format here:
That’s really worrying. A Third Party (the Third Man!) could be anybody, a Marketing company selling Insurance or the Israeli State.
Really worried about this, I also left the party around the same time as keir got elected as leader. I am now worried about identity theft, they may have my bank details. Very scary
I left the Labour party nearly two years ago and yet received an email on Wednesday informing me that my details may have been hacked. Why did the Labour Party still have my details and who gave them permission to give my details to a so far unknown third party. 🤔
Seems that this is the company
https://labour.org.uk/privacy-policy/blackbaud-data-breach/
What’s the date this information went up?
The data breach happened between February and May and we’re only learning about it NOW? That would be shocking.
Ex member here who left the day that Starmer was announced as the new leader. I’m livid that my information was both held illegally and then shared illegally with 3rd parties not only without my consent but also without even informing me. If any legal action is taken please count me in.