Officials say the e-mail account of William King, founder of Clubster, was hacked and resulted in members at 10 U.S. clubs receiving messages littered with racial slurs and expletives. Separately, approximately 4,000 members of the Wentworth Golf Club in England may have had their personal details fall into the hands of hackers following a ransomware attack.
Members of Anderson (Ind.) Country Club and nine other clubs received a message containing a racial slur and expletive after the e-mail account and computer used by the founder of Clubster, a social network for private clubs, was hacked on January 20, The Anderson Herald Bulletin reported. The account and computer belonged to Clubster founder William King. The message was posted to Anderson Country Club’s news feed that evening and stated it was from William King on behalf of the club.
Brian Garrett, General Manager/Director of Golf at Anderson Country Club, received a notification when the message was posted and deleted it within a few minutes, but an e-mail that contained the message in the subject line was already sent to members, The Herald Bulletin reported. Before deleting the message Garrett captured a screen shot as evidence and filed a case with the Madison County Sheriff’s Department on Thursday.
“I would like to reiterate that Anderson Country Club will not and does not take this matter as a simple juvenile hack, we are determined to find out the exact explanation behind this and are questioning Clubster’s cybersecurity roadmap to prevent this type of activity from happening again,” Garrett said in a letter sent to members and shared with The Herald Bulletin.
In a post on their Facebook page Clubster said the account the hackers used had been closed, The Herald Bulletin reported. The company also says it was not hacked, rather King’s individual e-mail account was compromised.
“These posts and e-mail contained extremely offensive and reprehensible language that does not represent Clubster, our club, or the employees of either. We sincerely apologize and are sorry for this egregious incident. This type of language and beliefs have no place anywhere in our society,” said McRedmond Morelli, Clubster CEO.
Garrett told The Herald Bulletin the club is evaluating its relationship with Clubster and a decision about using them in the future will depend on the results of their investigation and what security measures Clubster will put in place to ensure it doesn’t happen again.
“It’s just disgusting, it’s deplorable, we don’t condone it and we hope that the people that do things like this get brought to justice,” Garrett said.
Neighbors in the Anthem Country Club community in Henderson, Nev. also received the disturbing message from the club’s account on an app, KTNV reported.
The Regional Director for the Nevada Anti-Defamation League, Jolie Brislin, told KTNV the incident is a “horrible statement” that uses a technique called “false flag messaging.”
In an e-mailed statement, Brislin explained further:
A computer hack such as this horrible statement is done to invoke fear in an unsuspecting community. Whoever did this appears to have intended to go beyond just sending a hateful message. It uses a technique called “false flag messaging” that has the added layer of creating confusion about who sent it in hopes that the insidious result will be neighbor turning on neighbor. It is vital that the facts are uncovered as quickly as possible. Anthem Country Club has already begun warning its members that the ‘Clubster’ account has been hacked, explaining that the app has been notified and is currently addressing this serious issue.
Clubster said it will reach out to Henderson police about the incident.
In England, approximately 4,000 members of the Wentworth Golf Club may have had their personal details fall into the hands of hackers following a ransomware attack.
The Telegraph reported the first club members knew of the problem, was when an unauthorized message appeared on the “Wentworth at Home” Internet page claiming that “your personal files are encrypted!” and demanding a Bitcoin cryptocurrency payment for a decryption key.
It is thought that the data stolen from Wentworth’s network includes:
– Names of members
– Members’ dates of birth
– Members’ home addresses
– Members’ e-mail addresses
– Members’ phone numbers
– The last four digits of members’ bank account numbers, used for direct debit payments
Neil Coulson, Wentworth’s General Manager, attempted to reassure members that their accounts were not at risk.
“I fully appreciate this will be concerning for you but we have taken third-party specialist advice and have been assured there is not enough personal information in the file to enable improper access to your private account and therefore it is considered a low risk,” Coulson said.