The exclusive Oxford and Cambridge Club suffered a major data breach incident after thieves managed to get their hands on an external hard drive that contained personal details of as many as 5,000 members.
The stolen hard drive contained names, addresses, phone numbers, dates of birth, financial details, and photos of Oxford and Cambridge Club members.
The theft occurred at the communications room at the headquarters of the Oxford and Cambridge Club in Central London. The said hard drive not only contained personal and financial details of 5,000 members, but also data belonging to as many as 100 staff members.
Personal and financial details leaked as a result of the theft included names, physical adddresses, e-mail addresses, photographs, dates of birth, and bank account details of 5,000 members. Fortunately, the hard drive did not contain debit card or credit card details which are likely to be misused or sold by hackers at first opportunity.
'We have been advised that we should write to confirm that there may have been a data breach at the Club which could possibly result in disclosure of your personal data held on the Club computer system,' the Oxford and Cambridge Club said in a letter to affected members.
'This situation has arisen as a result of the theft of a storage disk, and not as a breach of the cyber security system, and although the data contained on the disk is protected by multiple layers of security and heavy password protection, we have been advised by data specialists that there is a very remote chance that information could be obtained.
'As this could potentially enable identity theft, the management felt that members should be informed as a duty of care. The management team would like to extend their apologies for the inconvenience caused by this unfortunate incident,' it added.
According to the Telegraph, affected members, all of whom are alumni of Oxford and Cambridge, include comedian Stephen Fry and Lord Rees, the Astronomer Royal. However, other distinguished members like Prince Charles, the Prince of Wales, and Prince Philip, the Duke of Edinburgh have not been affected by the breach.
The data breach has again made it clear that the menace of cyber warfare operates without borders and impacts the cream of the society as much as it affects the middle-class or small business owners. As such, it is pertinent that those who control personal data of citizens must abide by data protection rules and should religiously prepare for the upcoming General Data Protection Regulation which will significantly raise the costs of data breaches as a result of poor cyber security practices.