Labour investigates database breach
MOIRA COATSWORTH President of the New Zealand Labour Party
On Saturday Labour discovered the possibility of a malicious breach of an online Party contact database. We began an
On Sunday we isolated a system vulnerability that we believed had been exploited. The system was immediately secured. We
fully understand the seriousness of this kind of event, and we have apologised unreservedly. One of the earliest
downloads of the database appears to be from an internet address belonging to a National Party Head Office mail server.
The information was subsequently accessed by a person with strong links to National and ACT.
The database in question includes a list of people who have used the website to donate to the Stop Asset Sales campaign
and to join the party, and some lists where there have been communications on other current issues, for example the
increasing cost of early childhood education. No credit card details were held on the site. All people whose privacy may
have been compromised have been informed.
This is a politically motivated attack. The National Party had a choice to alert us to this vulnerability in our system.
Instead they chose to exploit it and to download the material and pass the gap onto the blogger who they knew would
reveal private information.
The Labour Party accepts we have made an error however there is no reason to release the names of individuals who have
made small non notifiable donations to the party.