Cyber Incident Victim: United States of America

On May 19, 2019, unauthorized actors compromised President Donald Trump’s U.S. Golf Association (USGA) account through the Golf Handicap and Information Network (GHIN) platform. The attackers manipulated the account to post four fabricated golf scores—100, 101, 102, and 108—falsely attributed to games played at Trump National Golf Club in New York and the Cochise Course at Desert Mountain in Scottsdale, Arizona. These scores significantly deviated from Trump’s typical performance, which historically ranged in the 70s and 80s. The USGA became aware of the incident after media outlets reported the anomalous scores, prompting an internal review. Craig Annis, the USGA’s managing director of communications, confirmed the unauthorized activity, stating that an investigation revealed erroneous score postings on behalf of the GHIN user associated with Trump. The breach did not involve physical access to golf courses or scorecard systems but specifically targeted the digital handicap-tracking platform.

The USGA initiated an immediate investigation upon confirming the unauthorized score submissions, though the specific intrusion vector remained undetermined at the time of public disclosure. No evidence suggested broader system compromises beyond the manipulation of Trump’s account data. The incident drew media attention due to the falsified scores’ exaggerated nature and their attribution to high-profile courses owned by Trump. The USGA did not disclose whether additional accounts were affected or if user authentication protocols were implicated. Operational impacts were limited to the temporary corruption of handicap records, with no reported financial, infrastructure, or data exfiltration consequences. The association’s response focused on validating score integrity and securing the affected account, though no further corrective actions or security enhancements were detailed publicly.