DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

(update) NZ: National admits Labour data breach – but denies passing names to Whaleoil

Posted on June 13, 2011 by Dissent

NZPA and NBR staff report the latest in the Labour Party donor list breach reported on this blog last night:

The National Party has admitted exploiting a security hole in the Labour Party website but denies passing data to a right-wing blogger who plans to release the names of Labour Party donors.

The Privacy Commissioner has raised concerns and is monitoring the situation.

The confession means lawyers’ opinons sought by NBR now apply in part to Natonal’s situation as well as Whaleoil blogger Cameron Slater, whom earlier today threatened to release the names of 452 Labour Party donors.

The Labour website security flaw allowed a database containing supporters’ personal information to be freely downloaded until the problem was fixed over the weekend.

The database included a mailing list containing the names and email addresses of about 18,000 supporters and a list of hundreds of recent online donations, complete with names and amounts given.

[…]

The first breach was as far back as May 27 — more than a fortnight ago — but Labour did not detect it because “the people who found that gap in the system didn’t tell us”, she told NZPA.

[…]

Ms Coatsworth said the security breach had been due to a recent minor change to the website which had since been fixed. An independent security review would be launched.

Read more on The National Business Review.

Well, for Labour to say that they didn’t detect it because nobody told them is a bit of a whiner. Although entities may learn about 40% of breaches when they are contacted by those who discover them, the party is responsible for securing its own site and detecting breaches in its own security, no?

Category: Breach IncidentsExposureGovernment SectorNon-U.S.

Post navigation

← NZ: Labour apologizes over data breach (update1)
(follow-up) Ireland to extradite “Boards.ie hacker”? →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Trump Rewrites Cybersecurity Policy in Executive Order
  • AMI Group – Travel & Tours notice of ransomware attack
  • Resource: Insider Threat reports
  • Za: Cyber extortionist sentenced to eight years in jail
  • ICE takes steps to deport the Australian hacker known as “DR32”
  • Hearing on the Federal Government and AI
  • Nigerian National Sentenced To More Than Five Years For Hacking, Fraud, And Identity Theft Scheme
  • Data breach of patient info ends in firing of Miami hospital employee
  • Texas DOT investigates breach of crash report records, sends notification letters
  • PowerSchool hacker pleads guilty, released on personal recognizance bond

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Decision That Murdered Privacy
  • Hearing on the Federal Government and AI
  • California county accused of using drones to spy on residents
  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.