Labour names on website compromised

Labour is desperately trying to contact 18,000 people whose details are held on its website to warn them that their names could become public after accusing National of publicising lists of financial transactions through an online blogger.

Labour president Moira Coatsworth said this morning the party had discovered a breach of its online database on Saturday and had traced it back to a "system vulnerability".

While Labour is labelling it a malicious breach, it appears that the information was readily able to be accessed on its website and the breach did not appear to occur through the website being hacked or because of other illegal activity.

Right-wing blogger Cameron Slater, aka Whaleoil, has published some details from the database but Labour claimed today that one of the earliest downloads of the database appeared to be from an internet address belonging to a National Party Head Office mail server.

There was deep embarrassment within Labour Party circles this morning over the breach, which could prove compromising to some of its donors or correspondents, particularly any public servants  or others in sensitive positions who have supported Labour's "stop asset sales" and other campaigns.

Ms Coatsworth said the database included a list of people who had used the website to donate to the stop Asset Sales campaign and to join the party, and some lists where there have been communications on other current issues, for example the increasing cost of early childhood education.

Ms Coatsworth gave an assurance that there were no credit card details help on the site but it is understood that a number of people had expressed their concern.

Mr Slater has threatened to publish more details today.

Ms Coatsworth labelled it a politically motivated attack and said National could have alerted Labour to the vulnerability in its system.

"Instead they chose to exploit it and to download the material and pass the gap onto the blogger who they knew would reveal private information."

Mr Slater has published an email from Labour Party secretary Chris Flatt asking him not to publish private details and Ms Coatsworth said Labour accepted it had made a mistake.

"However, there is no reason to release the names of individuals who have made small non-notifiable donations to the party."
National Party President Peter Goodfellow and National Party general manager Greg Hamilton could not be contacted for comment.

- © Fairfax NZ News

Newest First

Oldest First

jabba   #5   07:53 pm Jun 13 2011

Kiwibloke. Did you vote for National after the Brash e-mails were "found" by Hager? Passive supporters .. mmm Dennis .. they were not hacked. Go to Gotcha or Kiwiblog to see Exactly how the information was obtained. Stick to the truth, not lies. Mello .. no they don't

Sean   #4   07:20 pm Jun 13 2011

Publish my name and be damned Cameron Slater!

I'm proud to support a party that has policy, a plan, and track record of excellent economic management.

Just curious, Cameron Slater claimed he had broke completely with the National party about 12 months ago, but here Slater is, doing the National party's dirty work like always. Funny that.

Kiwibloke   #3   04:33 pm Jun 13 2011

Well done Mr Blubber Man you're about to convert 100's if not 1000's of Labour supporters from passive supporters to party activits. Me included!

Dennis   #2   01:51 pm Jun 13 2011

A political party hacking their political rival's computer system in order to access potentially comprimising information with the purpose to undermine. This sounds like the high-tech version of Watergate.

mello   #1   12:33 pm Jun 13 2011

While Labour is labelling it a malicious breach, it appears that the information was readily able to be accessed on its website and the breach did not appear to occur through the website being hacked or because of other illegal activity.

Do you ever stop lying Labour?

Ad Feedback