top of page

Prestigious Surrey golf club finds itself in the rough following cyber breach

Jan 19, 2021

Updated: Sep 15, 2021

Wentworth Golf Club in Surrey is one of the country’s most exclusive clubs, however it has not prevented them from falling victim to a cyber attack.

It has been reported that over 4,000 members' personal details were seized by ‘an unauthorised third party’ as hackers gained access to the club’s database earlier this month. The hackers used the databases email system to message all members to inform them their files were encrypted, followed by a demand for payment in bitcoin to unlock them.


The Club launched an investigation and has since informed members that the Club's IT provider has confirmed their ClubHouse Online system was accessed and a data file exported. The file is believed to have contained member's personal details, including names, genders, home addresses, email addresses, landline numbers, and date of birth.


The statement from the Club said: “I fully appreciate this will be concerning for you, but we have taken third party specialist advice and have been assured there is not enough personal information in the file to enable improper access to your private account and therefore it is considered a low risk.”


Despite the breach being considered ‘low risk’, the attack demonstrates just how common these breaches are and the need to ensure good cyber security in all areas.


Chris White, Head of Cyber and Innovation at The South East Cyber Resilience Centre said: “This is another example of where hackers have moved outside what might be perceived as a ‘traditional’ business to extract information for a substantial fee. Cyber attacks like this can often be prevented or the effects significantly minimised by adopting some of the most simple but effective cyber security measures.”


“The South East Cyber Resilience Centre offers a range of services for businesses that can help you identify your digital vulnerabilities and weaknesses or, if you are a victim of a data breach, we can run an individual internet investigation that would identify what personal or private information is publicly available online.”


Find out more on our dedicated Student Services page www.secrc.co.uk/services

Comentarios

NPCC
TVP Logo
Hampshire Police Logo
SEROCU logo
Surrey Police Logo
Sussex Police Logo
Cyber Essentials Logo
Cyber Essentials Plus Logo

The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of the South East Cyber Resilience Centre is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others.  Articles on the website cannot by their nature be comprehensive and may not reflect the most recent legislation, practice, or application to your circumstances. The South East Cyber Resilience Centre provides affordable services and Cyber Essential Partners if you need specific support. For specific questions please contact us at enquiries@secrc.police.uk.  The South East Cyber Resilience Centre does not accept any responsibility for any loss that may arise from reliance on information or materials published on this website.  It is not responsible for the content of external internet sites that link to this site or which are linked from it.

© 2022 - 2025 The South East Cyber Resilience Centre

Registered in England & Wales, No. 13263448 

TM

  • Facebook for South East Cyber Resilience Centre
  • LinkedIn for South East Cyber Resilience Centre
  • X for the South East Cyber Resilience Centre
  • Youtube for South East Cyber Resilience Centre
  • Instagram for South East Cyber Resilience Centre
  • RSS feed for South East Cyber Resilience Centre
  • Threads
bottom of page