Security News > 2020 > January > 2015-member database floats off through breach in Royal Yachting Association's hull
The Royal Yachting Association has told members that "An unauthorised party" may have pilfered a database containing personal information from 2015.
Stolen information included names, email addresses and "Hashed passwords", including a "Majority held with the salted hash function." No payment or financial information was said to have gone walkies.
The association statement, seen by The Reg this morning, continued: "Our investigation into this matter is ongoing and we have engaged leading data security firms, including forensic specialists, to assist in our investigation." The Information Commissioner's Office has been informed.
In an email sent to RYA members and seen by The Register, the association said: "We will provide more information to those users potentially impacted by this possible breach as soon as possible."
The standard post-breach advice is to change one's password, particularly on other sites or services where you've reused the same combination of email address/username and password.