The Oxford & Cambridge Club – an elite organisation whose membership includes some of the most wealthy and well-connected people in Britain – has admitted its 5,000 members are at risk from financial fraud after a computer drive disappeared without trace from its swanky HQ on Pall Mall in central London.
Actor and comedian Stephen Fry and astronomer royal Lord Rees of Ludlow are reportedly among those affected by the breach, which the club maintains was the result of a break-in at its offices, and not a security cock-up.
The theft was reported to the Metropolitan Police after being discovered on November 16. Officers are reportedly studying CCTV footage and attendance records to see who was in the club at the time.
Club secretary Alistair Telfer has asked all members to monitor their bank accounts for “suspicious activity”.
According to a letter seen by the Sunday Telegraph, Telfer wrote: “We have been advised that we should write to confirm that there may have been a data breach at the club which could possibly result in disclosure of your personal data held on the club computer system.
“This situation has arisen as a result of the theft of a storage disk, and not as a breach of the cybersecurity system, and although the data contained on the disk is protected by multiple layers of security and heavy password protection, we have been advised by data specialists that there is a very remote chance that information could be obtained.
“As this could potentially enable identity theft, the management felt that members should be informed as a duty of care.”
The club draws its membership from alumni of England’s two ancient universities. Distinguished former members include Harold Macmillan, Lord Palmerston and the Duke of Wellington, William Makepeace Thackeray and T S Eliot.
The club has its origins in the 1820s but took its current name in 1972 after the amalgamation of the United University Club and the Oxford & Cambridge University Club. Honorary members, including the Duke of Edinburgh and the Prince of Wales, are understood to be unaffected by the breach.
Royal Mail battered over harrowing ID theft campaign
Social media sites branded a goldmine for ID thieves
Forget hackers, most ID thieves target the dead
Personal data widely available on dark web