School caretaker victimised after English Defence League database hack

Graham Cluley
Graham Cluley
@

 @grahamcluley.com
 @[email protected]

Remembrance Day PoppyAs feared, there has been some fallout after hackers stole a database of supporters from the controversial right-wing English Defence League (EDL).

The Register reports that a caretaker working at a school in Dorset, UK, was summoned to a meeting with the headmaster last week, and presented with anonymous emails accusing his wife of being a member of the EDL.

The emails referred to the stolen database, which has been made available on a number of anti-fascist websites, and urged the school to fire the caretaker and his wife, who live on the school premises.

Upon investigation the caretaker, who has not been identified by The Register, discovered that he had inadvertently donated a solitary £1 to the group via a PayPal account in his wife’s name, believing that he was supporting the armed forces in a similar way to purchasing a Remembrance Day poppy.

Sign up to our free newsletter.
Security news, advice, and tips.

The victim of the harrassment said that he recalled reading an article about the disruption of military funerals and poppy burning, by opponents to British Army activities, and he had made a donation by clicking on a button marked “support the troops” without being informed that the donation was destined to the far-right group.

Obviously the consequences could have been serious – both for the man’s job and his family – if the mob had decided he was guilty of far-right leanings just because his wife’s name and address were included in a data base of EDL “supporters”. The fact is that even if you do correctly identify someone with views that you find offensive, you should still take the higher road and not descend to dirty tricks.

A stumbled-upon database of names and addresses is just that – a list of names and addresses. You have no way of knowing how they came to be there, or if the individuals should even be listed there in the first place.

People have the right to be presumed innocent until proven otherwise – and the job to prove otherwise lies with the courts, who should determine if laws have been broken, rather than anonymous hackers and poison pen writers.

Of course, none of this would have been a problem if the English Defence League had properly secured its database in the first place.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "The AI Fix" and "Smashing Security" podcasts. Follow him on Bluesky and Mastodon, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.