Labour has accused National of passing sensitive information gained from a "malicious breach" of its online security to right wing blogger Cameron Slater in "a politically motivated attack".
Labour yesterday said it was investigating "the possibility of a malicious breach of an online Party contact website" after Mr Slater began to release information about donations to the party and other inside information.
Party President Moira Coatsworth said the party had yesterday identified "a system vulnerability that we believed had been exploited".
"The system was immediately secured. We fully understand the seriousness of this kind of event, and we have apologised unreservedly."
Ms Coatsworth said one of the earliest downloads of the database, "appears to be from an internet address belonging to a National Party Head Office mail server".
"The information was subsequently accessed by a person with strong links to National and ACT... This is a politically motivated attack," Ms Coatsworth said.
"The National Party had a choice to alert us to this vulnerability in our system. Instead they chose to exploit it and to download the material and pass the gap onto the blogger who they knew would reveal private information."
This morning on his site, Mr Slater said the donation lists he received "have been public for months and I reject any claim that I am a thief or a bludger."
Mocking the fact the information showed Labour had raised just $11,831 in online donations and membership renewals is recent months, he planned to publish the donation list - including names of donors - this afternoon.
Ms Coatsworth said Labour accepted it had made an error in not protecting the information, "however there is no reason to release the names of individuals who have made small non notifiable donations to the party".
She said the database included a list of people who has used the party's website to donate to its Stop Asset Sales campaign and to join the party.
Information downloaded from the site also included lists of people who had been in communication over current issues such as early childhood education. Ms Coatsworth said no credit card details were held on the site.
"All people whose privacy may have been compromised have been informed."
Party secretary Chris Flatt yesterday emailed all those on the database, apologising and assuring them the system was now secure.
The Herald understands that email went to 18,000 individuals.