A reminder that the data controller is responsible for the security and privacy of personal information, irrespective of who actually processes that data…:
The Labour Party has confirmed that details of its members and supporters is among information affected by a “cyber incident” at a company which handles the party’s data.
In a statement sent to all party members on Wednesday, Labour said the “significant” attack was on “‘a third party that handles data on our behalf” and that further inquires are ongoing.
Sources who have been responding to the incident told Sky News the incident was a ransomware attack on the third party supplier.
The matter has been referred by the party to the National Crime Agency (NCA) for investigation.
Labour’s own data systems were unaffected.