The Lib Dem voter data breach was another classic example of what can happen when data is inadvertently not secured.
The personal details of Liberal Democrat voters was accidentally left exposed and open to public access without the need for log-in credentials, let alone even a password.
The information exposed in the data breach included personal details and voter canvasing notes, both of which are personal and can be sensitive.
Information exposed in the Lib Dem voter data breach
Information exposed in the Lib Dem voter data breach included:
- Names;
- Addresses;
- Birth dates;
- Home and mobile telephone numbers;
- Nearest polling station location.
The data exposed was reportedly for members of the Lewisham and South East London area, and the data exposed in the breach also included data gathered as part of canvassing operations, where labels such as “yellow labour” and “weak lib dem” were reportedly included. Telephone scripts were also amongst the data exposed.
In some cases, entire families are thought to have been affected by the breach.
Reported to the ICO
The Lib Dem voter data breach has been reported to the UK’s data watchdog, the Information Commissioner’s Office (ICO), and an urgent internal investigation has also been launched.
It’s clear that the data exposed in the breach should have been password-protected and only accessible by those with the appropriate authority. The blunder has landed the political party in hot water given the raft of personal details about their voters that has been exposed.
In a statement, the party said:
“As soon as we were made aware of the issue we immediately took action and closed access. We are urgently investigating how this happened and have taken steps to ensure it will not again.”
Sensitive information exposed
The Lib Dem voter data breach allowed for the personal and sensitive information for their voters to be exposed in an entirely preventable incident. This was a case of what appears to be a simple mistake by allowing private information to not be secured behind a log-in and a password, and as a result of this simple oversight, people’s data has been exposed.