RAF Club members emailed fake invoices. Has it been hacked?

Military personnel's social centre scratches its head

A Eurofighter Typhoon and a Hawker Hurricane, both flown by the Royal Air Force. Crown copyright

The Royal Air Force Club appears to have been the victim of a hack, following members being sent fake invoices for staying at the club's London HQ.

A source contacted The Register with a copy of the fake invoice, which was for £200 and spoofed to appear as if it had come from the club itself.

An emailed update sent to RAF Club members about the fake invoice said:

We are aware that two spam emails have been sent to some Club Members in relation to an invoice this morning. If you have received these, please delete them and do not open them.

The Club's Systems Manager is investigating the source of the emails, however at this stage it would appear that the emails have not been sent from the RAF Club server.  Please do not telephone the Club or send emails about this as we are unable to answer all the phone calls.

Please rest assured that we are investigating this issue as a matter of urgency and we will send a further email to update later on today.

The Register emailed the RAF Club to ask whether the membership list had been accessed by hackers. A club spokesman said: "The RAF Club is aware that spam emails appear to have been sent to some Club members this morning. The Club is investigating this issue as a matter of urgency and will be updating members in due course."

The commandant of the Air Training Corps, a serving RAF air commodore, confirmed on Twitter that she was one of the personnel who received the fake invoice. The ATC is an RAF-sponsored youth organisation.

The apparent leak of the email list is bad but if the membership list has been accessed, the details of many hundreds of serving and former RAF officers and airmen could now be in the hands of criminals – or worse. At the moment, however, there is no indication that this incident involves more than just the RAF Club's email list.

We will update this story as we hear more. ®


Biting the hand that feeds IT © 1998–2017