Breach Notification , Incident & Breach Response , Security Operations

Manchester United Investigating Cybersecurity Incident

UK Football Club Says No Evidence of Fan Data Being Breached
Manchester United Investigating Cybersecurity Incident

The Manchester United football club of the U.K.'s Premier League is investigating a cybersecurity incident that has affected some of the organization's IT infrastructure, although it says it appears that fan and user data has not been exposed.

See Also: Pandemic-Driven Change: The Effect of COVID-19 on Incident Response

Manchester United says in a statement that its IT and security staffs have taken steps to contain the attack, and the organization is working with outside advisers to mitigate the incident.

The cyber incident will not impact the team's ability to play matches against other clubs, it says.

"Although this is a sophisticated operation by organized cybercriminals, the club has extensive protocols and procedures in place for such an event and had rehearsed for this risk," according to the statement. "Our cyber defenses identified the attack and shut down affected systems to contain the damage and protect data."

Manchester United also notes the club's media channels, including website and mobile app, are unaffected. A spokesperson for the organization could not be immediately reached for comment on Monday.

Possible Ransomware?

Although Manchester United did not offer many details about the attack, Thom Langford founder of the consultancy (TL)2, says ransomware is a likely culprit.

"Given the prevalence of ransomware in the last few months and years, the odds are that it's [involved]," Langford says. "What is interesting is that the 'club media channels, including our website and app' are unaffected. It is these functions that are very often managed by third parties and are separate to the core infrastructure anyway and maybe why they are emphasized as being unaffected."

In its recently released annual report, Britain's National Cyber Security Center noted that the number of ransomware attacks and the exfiltration of data from victims increased threefold during the past 12 months compared to the same period a year ago (see: NCSC Reports Record Number of Cyber Incidents Amid COVID-19 ).

Cyber Incidents in Sports

In July, the NCSC released a separate report that found about 25% of U.K. sports clubs were victims of ransomware.

In that report, the agency reported that an unidentified English Football League club incurred losses after a targeted ransomware attack crippled the club's corporate and security systems. As a result, CCTV cameras and turnstiles at the stadium failed to operate, which led to the cancellation of a game (see: Hackers Target UK Sports Sector to Steal Millions ).

The Premier League football club was one of many U.K. sports organizations targeted by cybercriminals. It was nearly bilked out of 1 million pounds ($1.2 million) in a business email compromise scam, according to the NCSC.

The report states that 70% of U.K. sports institutions were targeted by cyber incidents. About 30% of the incidents resulted in financial losses, which averaged 15,000 pounds ($19,000). The largest loss was more than 4 million pounds ($5.1 million).

The NCSC states that about 30% of sports organizations do not regularly patch their systems. Some 56% of teams' and sports facilities' payment systems, turnstiles and CCTV networks are remotely accessible by third parties, offering easy entry into the team's network, it reports.

In 2018, Liverpool Football Club reported a hacking incident that exposed the data of about 150 season ticket holders and resulted in the theft of their banking information.


About the Author

Prajeet Nair

Prajeet Nair

Principal Correspondent

Nair is principal correspondent for Information Security Media Group's global news desk. He has previously worked at TechCircle, IDG, Times Group and other publications where he reported on developments in enterprise technology, digital transformation and other issues.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.