14 DAY TRIAL // Some members of the Sausalito Yacht Club (SYC) have been informed that personal information about them has been exposed to unauthorized individuals, on or about October 1.
There is no clear view of what happened, but it seems that several fellow members of the club managed to take a peek at the club's roster containing details about customer names and their private SYC numbers.
This information would allow an attacker to benefit from different services inside the club, such as purchasing beverages, meals and other goods, at the expense of a different member.
In a letter to the affected customers, Bryan Lawton, Chairman Executive Board, and Mike Fiske, Commodore, inform that personal contact details have also been exposed, and in some cases, financial information was accessed.
On the upside, there is no indication that bank account or credit/debit card data was at risk.
“We sincerely regret any inconvenience that you might encounter as a result of this intrusive and thoughtless breach of privacy, which is under investigation at this time,” the representatives of the club say in the letter.
The number of customers impacted by the security breach is not mentioned, but according to California law, Sausalito Yacht Club is required to report incidents that resulted in the exposure of unencrypted personal information of more than 500 California residents.
As a measure to protect against identity theft, new member cards and account numbers could be issued by the club. Customers are urged to check the bank statements to spot fraudulent transactions, if they occur.
“We are also undertaking steps to strengthen access to sensitive financial and membership sites with new passwords required for access by authorized users,” the breach disclosure letter informed.