Exploit: Theft of data from member databases.
Labour Party: Second largest political party in the United Kingdom.
Risk to Small Business: 2.111 = Severe: The United Kingdom’s Labour Party announced February 20, 2019, that it had detected several attempts to access member databases and campaign tools. The surmise is that members of Parliament (MPs) who recently left the Labour Party to form a competing party known as The Independent Group tried to steal information that would allow targeting in future political campaigns. Anyone obtaining or attempting to obtain personal data without the consent of the controller is committing an offence under the U.K.’s Data Protection Act of 2018.
Individual Risk: 2.714 = Moderate: It is yet unknown if the information was obtained by individuals whose access to that information should have been revoked. Labour Party officials may also be questioned as to a large number of individuals with access to its databases, including not only MPs but also paid and volunteer campaign associates across the nation.
Customers Impacted: Undisclosed
How it Could Affect Your Customers’ Business: All organizations, whether public or private sector, need robust systems and processes to validate access rights and continually manage those rights, which includes triggering notices when unauthorized parties attempt to gain access.
ClearYolk to the Rescue: We monitor the Dark Web and find out if your customers’ data has been compromised. We work with organisations to strengthen their security suite by offering industry-leading detection.
https://www.theregister.co.uk/2019/02/21/data_breach_labour_locks_down_member_databases/
