Get all your news in one place.
100’s of premium titles.
One app.
Start reading
The Guardian - UK
The Guardian - UK
Politics
Jamie Grierson

Tory party refers itself to watchdog over alleged data breach

Rishi Sunak surrounded by party supporters  at Conservative party conference
Rishi Sunak at last year’s party conference in Manchester. The ICO suggested the party had failed to use blind carbon copy (BCC) when sending out an email to supporters. Photograph: Christopher Thomond/The Guardian

The Conservative party has referred itself to the data protection watchdog over an alleged data breach after it revealed hundreds of email addresses in a pitch to sign up for its annual conference.

The party’s registration team, urging supporters to complete their applications for conference, reportedly copied in more than 300 addresses in a way that they could be seen by all recipients.

The Information Commissioner’s Office (ICO), which enforces data protection, suggested the party had failed to use blind carbon copy (BCC) – sending an email to multiple people and wanting to keep addresses private – correctly.

It said: “The Conservative party has made us aware of this incident and we are assessing the information provided. Failure to use BCC correctly in emails is one of the top data breaches reported to us every year.

“Organisations should consider using alternatives to BCC such as bulk email services, mail merge, or secure data transfer services, so personal information is not shared with people by mistake.”

The blunder emerged on the same day that Rishi Sunak shifted his electoral pitch to the country to focus on national security, arguing Britain would be safer under his leadership than under a Labour government.

A Labour source said: “On the day Rishi Sunak proclaims the Tories as the great protectors of our national security, it turns out they can’t even protect a database of contacts. You couldn’t make it up.

“The country can’t risk another five years of the Conservatives, who have hollowed out our armed forces and turned Britain’s borders into a sieve.”

The Conservative party apologised for the breach and confirmed to the Daily Telegraph it had referred itself to the ICO.

A Tory party spokesperson said: “We are aware of an issue relating to a conference registration email and are currently investigating the cause of this. We apologise to those affected and have self-reported to the Information Commissioner’s Office.”

In a wide-ranging speech on Monday at the Policy Exchange thinktank, Sunak vowed to fight the next election on the UK’s security, attacking Labour and Keir Starmer in a fiercely political speech in which he said: “The choice at the next election is: who do you trust to keep you safe?”

He said: “Above all, you can trust me to keep you and your family safe and secure from the threats we face at home and abroad.

“There are storms ahead. The dangers are all too real. But Britain can feel proud again. Britain can feel confident again. Because with bold action and a clear plan, we can and we will create a secure future.”

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.