DataBreaches.net

DataBreaches.net

The Office of Inadequate Security

Menu
  • Breach Laws
  • About
  • Donate
  • Contact
  • Privacy
  • Transparency Reports
Menu

(update) NZ: National admits Labour data breach – but denies passing names to Whaleoil

Posted on June 13, 2011 by Dissent

NZPA and NBR staff report the latest in the Labour Party donor list breach reported on this blog last night:

The National Party has admitted exploiting a security hole in the Labour Party website but denies passing data to a right-wing blogger who plans to release the names of Labour Party donors.

The Privacy Commissioner has raised concerns and is monitoring the situation.

The confession means lawyers’ opinons sought by NBR now apply in part to Natonal’s situation as well as Whaleoil blogger Cameron Slater, whom earlier today threatened to release the names of 452 Labour Party donors.

The Labour website security flaw allowed a database containing supporters’ personal information to be freely downloaded until the problem was fixed over the weekend.

The database included a mailing list containing the names and email addresses of about 18,000 supporters and a list of hundreds of recent online donations, complete with names and amounts given.

[…]

The first breach was as far back as May 27 — more than a fortnight ago — but Labour did not detect it because “the people who found that gap in the system didn’t tell us”, she told NZPA.

[…]

Ms Coatsworth said the security breach had been due to a recent minor change to the website which had since been fixed. An independent security review would be launched.

Read more on The National Business Review.

Well, for Labour to say that they didn’t detect it because nobody told them is a bit of a whiner. Although entities may learn about 40% of breaches when they are contacted by those who discover them, the party is responsible for securing its own site and detecting breaches in its own security, no?

Related Posts:

  • NZ: Labour apologizes over data breach (update1)
  • NZ: Labour Leaks — How I did it
  • Norway's Labour Party was hacked by Russia: report
  • Large-scale cyberattack hits Labour Party systems
  • UK: Labour Party discloses cyber attack, members'…

Post navigation

← NZ: Labour apologizes over data breach (update1)
(follow-up) Ireland to extradite “Boards.ie hacker”? →

Sponsored or Paid Posts

This site doesn’t accept sponsored posts and doesn’t respond to requests about them.

Have a News Tip?

Email:

Breaches[at]Protonmail.ch
Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Telegram: @DissentDoe

Browse by News Section

Latest Posts

  • Ransomware attack on indie game maker wiped all player accounts
  • Hospitals in multiple states diverting patients after Ardent Health Services hit with ransomware attack
  • DHS/CISA and UK NCSC Release Joint Guidelines for Secure AI System Development
  • Henry Schein re-encrypted by BlackCat again
  • Europe’s grid is under a cyberattack deluge, industry warns
  • Municipal Water Authority of Aliquippa hacked by Iranian-backed cyber group
  • Ransomware group leaks data allegedly from Granger Medical Clinic
  • IBM, Johnson & Johnson Hit With Second Health Data Breach Suit

Please Donate

If you can, please donate XMR to our Monero wallet because the entities whose breaches we expose are definitely not supporting our work and are generally trying to chill our speech!

Donate- Scan QR Code   Donate!

Social Media

Find me on Infosec.Exchange.

I am also on Telegram @DissentDoe.

RSS

Grab the RSS Feed

Copyright

© 2009 – 2023, DataBreaches.net and DataBreaches LLC. All rights reserved.

HIGH PRAISE, INDEED!

“You translate “Nerd” into understandable “English” — Victor Gevers of GDI Foundation, talking about DataBreaches.net

©2023 DataBreaches.net