UK's Labour party likely hit by a ransomware attack
Threat actors targeted a third-party software vendor responsible for handling the party data. The description of the attack seems to indicate an extortion attack.
According to an official statement, an unnamed third-party vendor was involved in a cyber-attack on October 29 that resulted in data loss.
The statement does not explicitly name whether the incident involved ransomware. However, the description of the attack appears to indicate that the third party had its systems locked.
"The third party told us that the incident had resulted in a significant quantity of Party data being rendered inaccessible on their systems," reads the statement.
It's a similar tactic that ransomware gangs use. Once a system is infected with malware, threat actors lock the data and backups, demanding ransom for a decryption key.
According to the Labour party, the data in question includes information party members provide themselves and data on registered and affiliated party supporters.
The National Crime Agency (NCA), National Cyber Security Centre (NCSC), and the Information Commissioner's Office (ICO) were informed about the attack, with the NCA leading the investigation.
Since malicious actors appear to have targeted the vendor to extract party data, the incident closely resembles a supply-chain attack, where the attackers use third-party vendors to access bigger fish.
If confirmed, the incident would be the second time a ransomware gang hit the Labour party in the last 14 months. In August 2020, another party vendor, Blackbaud, was hacked, with criminals gaining access to personal information as well as details of annual donations.
Blackbaud paid the ransom to regain access to the data and prevent it from leaking online.
Cyberattacks are increasing in scale, sophistication, and scope. The last 12 months were ripe with major high-profile cyberattacks, such as the SolarWinds hack, attacks against the Colonial Pipeline, meat processing company JBS, and software firm Kaseya.
Gangs, however, either rebrand or form new groups. Most recently, LockBit 2.0 was the most active ransomware group with a whopping list of 203 victims in Q3 of 2021 alone.
An average data breach costs victims $4.24 million per incident, the highest in the 17 years. For example, the average cost stood at $3.86 million per incident last year, putting recent results at a 10% increase.
Reports show that people most vulnerable to cybercrime tend to be adults over 75 and younger adults. Criminals were taking advantage of the uncertainty caused by the pandemic and the flood of new users to digital channels, who were especially susceptible to attack.
What to do if your password was leaked?
If you suspect that your data may have been leaked, we recommend taking the following steps in order to secure your data and avoid potential harm from threat actors:
- Use our personal data leak checker and leaked password checker to see if your data has been leaked in this or other breaches.
- If your data has been compromised, make sure to change your passwords across your online accounts. You can easily generate complex passwords with our strong password generator or consider using a password manager.
- Enable two-factor authentication (2FA) on all of your online accounts.
- Watch out for incoming spam emails, unsolicited texts, and phishing messages. Don't click on anything that seems suspicious, including emails and texts from senders you don't recognize.
More from CyberNews
Subscribe to our newsletter