Labour says attack politically motivated
Labour Party is accusing National of a "politically motivated attack" as a right-wing blogger threatens to release the personal details of thousands of Labour supporters.
In an email apology sent to donors yesterday, Labour Party secretary Chris Flatt said an investigation had been launched after the discovery of a possible breach of its online donation system.
Details included names, email addresses, and amounts of donations and membership fees, but no credit card details were taken.
Mr Flatt said the system had been secured to ensure a breach could not recur, and there would be an independent security review.
Blogger Cameron Slater said he had the data and had done nothing illegal to obtain it.
Slater said the Labour Party had raised $11,831.50 online, and he would release names of donors this afternoon.
The data appears to have been publicly available and was accessed at least six times before the website vulnerability was fixed yesterday.
Labour president Moira Coatsworth today said the party understood the seriousness of the breach and had apologised unreservedly to donors affected.
There was no reason to release the names of individuals who had made small donations to the party, she said.
One of the earliest downloads of the data appeared to have been from a National Party head office server, she said.
"This is a politically motivated attack" she said.
"The National Party had a choice to alert us to this vulnerability in our system. Instead they chose to exploit it and to download the material and pass the gap on to the blogger who they knew would reveal private information."
National Party president Peter Goodfellow today said he was looking into whether anyone from National had accessed the data or alerted Labour to the vulnerability.
"I've asked to check to see if anybody did access the website when that gaping hole was there a week or so ago," he told NZPA.
"We were aware of this last week ... the tech community had been talking about it, but we were more concerned about our own security and wanted to double-check that our system was as solid as we thought it was."
Mr Goodfellow said the National Party website was "subject to some pretty rigorous audits" and he was not aware of any potential security issues.