SEC accepts US$3m settlement over charges Blackbaud failed to disclose full extent of data loss
Blackbaud, the company at the centre of the first of two major Labour party data breaches in consecutive years, has agreed to pay the Securities and Exchange Commission (SEC) three million US dollars to settle the SEC’s charges that it failed to disclose the full impact of a 2020 ‘ransomware’ attack.
The attack affected US customers but also led to a major loss of sensitive data belonging to Labour party supporters.
Keir Starmer and party manager David Evans apparently learned little from the breach, as a year later Labour was hit by yet another massive ransomware loss of members’ outsourced sensitive data to criminals that took party member management systems offline for more than a year – some were reportedly never recovered and had to be bypassed.
The Labour right has also participated actively in huge data breaches, unlawfully providing personal data from several databases to a right-winger’s failed campaign to take over the Unite union when Unite was a bastion of support for then-leader Jeremy Corbyn.
Evans and co told victims not to discuss the ransomware attack. Sadly the UK’s Information Commissioner is largely docile and has even enabled Labour to further breach its obligations to members, even though it has the power to levy fines of up to £17.5 million.
SKWAWKBOX needs your help. The site is provided free of charge but depends on the support of its readers to be viable. If you’d like to help it keep revealing the news as it is and not what the Establishment wants you to hear – and can afford to without hardship – please click here to arrange a one-off or modest monthly donation via PayPal or here to set up a monthly donation via GoCardless (SKWAWKBOX will contact you to confirm the GoCardless amount). Thanks for your solidarity so SKWAWKBOX can keep doing its job.
If you wish to republish this post for non-commercial use, you are welcome to do so – see here for more.