Evans admits ‘sensitivity’ of issue after murder of Sir David Amess – but asks personnel not to comment publicly
Labour is about to send out the following message admitting a breach of data protection laws that has led to the involvement of the National Crime Agency, the National Cyber Security Centre, the ICO and parliamentary security:
Please see below a message that will shortly be sent out by the Party in respect of a data incident.
I fully recognise the sensitivities involved with this message, especially in light of recent events. I want to assure colleagues that since this came to our attention, we have been in close contact with the relevant authorities, including the National Crime Agency, National Cyber Security Centre, the Information Commissioner’s Office and Parliamentary Security. We will continue to liaise with them closely.
If you have questions, I would ask that these are directed to the email address referenced in the message. We will also continue to update the webpage
I would ask colleagues to refrain from any public commentary (on social media or otherwise) on this matter.
Wednesday 3 November 2021
Dear Sir / Madam,
We are writing to you to let you know that a third party that handles data on our behalf has been subject to a cyber incident. While the Party’s investigation remains ongoing, we wanted to make you aware of this incident and the measures which we have taken in response. We have also provided details of precautionary steps you may consider taking to help protect yourself.
On 29 October 2021, we were informed of the cyber incident by the third party. The third party told us that the incident had resulted in a significant quantity of Party data being rendered inaccessible on their systems. As soon as the Party was notified of these matters, we engaged third-party experts and the incident was immediately reported to the relevant authorities, including the National Crime Agency (NCA), National Cyber Security Centre (NCSC) and the Information Commissioner’s Office (ICO). The Party continues to work closely with each of these authorities. The Party is also working closely and on an urgent basis with the third party in order to understand the full nature, circumstances and impact of the incident. The Party’s own data systems were unaffected by this incident.
What information was involved?
We understand that the data includes information provided to the Party by its members, registered and affiliated supporters, and other individuals who have provided their information to the Party. The full scope and impact of the incident is being urgently investigated.
What are the Labour Party doing?
The Party takes the security of all personal information for which it is responsible very seriously. It is doing everything within its power to investigate and address this incident in close liaison with law enforcement, the Information Commissioner’s Office and the affected third party.
SKWAWKBOX needs your help. The site is provided free of charge but depends on the support of its readers to be viable. If you can afford to without hardship, please click here to arrange a one-off or modest monthly donation via PayPal or here to set up a monthly donation via GoCardless (SKWAWKBOX will contact you to confirm the GoCardless amount). Thanks for your solidarity so SKWAWKBOX can keep bringing you information the Establishment would prefer you not to know about.
If you wish to republish this post for non-commercial use, you are welcome to do so – see here for more.