Conservative party referred to watchdog over alleged data breach

The party’s registration team, urging supporters to complete their conference registration applications, allegedly copied more than 300 addresses so they could be seen by all recipients.

The Information Commissioner’s Office (ICO), which oversees data protection, suggested the party had failed to use blind carbon copying (BCC) correctly – sending an email to multiple people and wanting to keep addresses private – correctly.

READ MORE: Shona Craven: When Rishi Sunak refers to ‘us’, Scottish voters are ‘them’

It said: “The Conservative Party has informed us of this incident and we are assessing the information provided.

“Failing to use BCC correctly in emails is one of the top data breaches reported to us each year.

“Organizations should consider using alternatives to BCC, such as bulk email services, direct mail, or secure data transfer services, so that personal information is not mistakenly shared with individuals.”

The mistake came on the same day Rishi Sunak shifted his election speech domestically to focus on national security, mentioning Scottish nationalists in a speech about extremism.

A Conservative Party spokesperson told the Telegraph: “We are aware of an issue with a conference registration email and are currently investigating the cause of this issue.

“We apologize to those affected and have self-reported to the Information Commissioner’s Office.”

Elsewhere, a Labor Party source told the Guardian: “On the day Rishi Sunak proclaims the Tories the great protectors of our national security, it turns out they can’t even protect a contact database. You couldn’t make it up.

“The country cannot risk another five years of the Tories, who have hollowed out our armed forces and turned Britain’s borders into a sieve.”