Royal Yacht Association Databreach
On 17 Jan 2020, the Royal Yachting Association (RYA) announced that “an unauthorised party” stole the data from a membership database.
The data breach involved theft of RYA members’ personal information stored in a Database created in 2015. Data removed includes names, email addresses and “hashed passwords”, including a “majority held with the salted hash function”. No financial information was removed.
The RYA has engaged “leading data security firms, including forensic specialists” to investigate the incident which has been reported to the Information Commissioner’s Office. Remedial action involved all RYA online accounts having passwords reset and DB access disabled until the reset is effected.