The Conservative party accidentally made hundreds of email addresses visible in a message to encourage conference registration and has referred itself to the data protection watchdog.
Email Blunder
The Tory party’s registration team sent an email to around 300 supporters regarding their annual conference and reportedly left all the recipients’ addresses visible to all.
Information Commissioner’s Office (ICO)
The party has reported the error to the ICO, which is responsible for enforcing data protection. The ICO believes that the error results from using CC (carbon copy) instead of BCC (blind carbon copy), which obscures those recipients’ email addresses.
Top Data Breach
According to ico.org.uk, failing to use BCC correctly is “one of the top data breaches reported to us every year”.
Bad Timing
The data leak occurred on May 13 this year, the same day the party leader and PM Rishi Sunak stated, “The choice at the next election is: who do you trust to keep you safe?”
Sunak’s position in the next election seems now to be based on the Tory party being the best choice for national security.
Security Risks
The leak, possibly a simple administrative error, certainly brings Sunak’s ability to keep the country secure into question. Sunak said, “Above all, you can trust me to keep you and your family safe and secure from the threats we face at home and abroad” on the same day as the data breach.
What Will Happen?
The ICO will likely produce a report on the breach and make recommendations to avoid a similar event in the future. The ICO can also issue fines for breach of data protection law.
Not the Only Breach
This recent email address leak comes just days after a cyber attack against the Ministry of Defence.
Personal Data Breaches
ico.org.uk reports that 32.5% of personal data breaches reported to them in the last year were cyber-related.
Dangers From Within
As this leak from the Tory party shows, cyber attacks are not the only risk to businesses, groups and individuals. In 2022, the ICO warned that “complacency” and internal problems are more significant risks than external factors.
Staying Safe
Key measures, such as updating software and training staff, are crucial for avoiding vulnerabilities and errors that lead to data breaches.
Data Protection Law
Lax measures can have a serious impact on staff and companies. For example, a phishing email sent to Interserve Group Ltd resulted in hackers accessing the personal data of over 100,000 staff members. This breach of data protection law resulted in a £4.4m fine for the company.
Tory Party Security
While Sunak spoke yesterday about the better security the UK can expect under the Tories, Labour leader Keir Starmer disputed their competency.
“Wasted Billions”
Starmer said, “I know first-hand the importance of national security…but in order for that to happen you need a credible plan. What’s his record? He’s hollowed out our armed forces, he’s wasted billions of pounds on procurement.”
Lashing Out
Speaking on 13 May, Sunak went on the offensive. Sunak said, “Labour have no ideas” and “maybe they can depress their way to victory with all their talk of doom loops and gaslighting and scaremongering about pensions.”.
A Notable Absence
Despite speaking for half an hour, Sunak did not take the opportunity to announce a General Election.
Defending the Track Record
Described by the BBC as an “opening salvo in an election campaign”, Sunak took the chance to highlight the areas where he believed the Tories had delivered – including Covid vaccine delivery, pensions and cutting carbon emissions.
What Next?
While there aren’t likely to be any significant developments following the data breach, what changes the Tory party will make in this turbulent time following the local elections remains to be seen.
The post Conservative Party’s Data Breach Exposes Hundreds of Email Addresses first appeared on Swift Feed.
Featured Image Credit: Shutterstock / Sean Aidan Calderbank.