Security News > 2021 > November > Labour Party supplier ransomware attack: Who holds ex-members' data and on what legal basis?

Mystery surrounds the Labour Party ransomware attack, with former party members who left years ago saying their data was caught up in the hack - while official sources refuse to say what really happened.

"On 29 October 2021, we were informed of the cyber incident by the third party. The third party told us that the incident had resulted in a significant quantity of Party data being rendered inaccessible on their systems," Labour spokeswoman Sophie Nazemi told The Register.

Identifying the source of the ransomware attack and apparent data breach is important for those seeking accountability from the data processor, as well as understanding how and why their political party was passing their data to others.

I've just had an email from the Labour Party about their data breach.

While the Labour Party is primarily responsible for data it collects, that doesn't excuse third-party data processors from obeying the law.

If you are caught up in the so-called Labour Party data breach and think you might know who the mysterious third party is, contact the author by clicking his name at the top and sending him an email.

News URL

https://go.theregister.com/feed/www.theregister.com/2021/11/05/labour_party_ransomware_data_breach_questions/