Select Page

The UK Manchester United football club confirmed falling victim to a cyberattack on their system.

They assumed that the operational attack was “sophisticatedly organized by cybercriminals” but not many other details about the case were revealed.

Still, there are a few leaks that could complement with system’s disruption.

Like, for example, were fan’s or customer’s data breached?

Let’s find out.


Manchester United IT Systems Cyberattacked

The soccer juggernaut confirmed that no data associated with either fans or customers was breached.  And it seems like the club’s mobile app, website, and social media channels are intact, as well. 

If neither the public-facing systems and gameplay was affected… Then actually happened?

According to the team’s statement made by Dirk Schrader, its cybersecurity architecture jumped in, without further notice, to take orchestrated action. He said: 

“From what is known so far, it seems like a swift, coordinated response.

They detected an incident, they had procedures developed for such type of incident — which not only covered technical measures but also internal and external communications and the call to experts to get involved.

The club has taken swift actions to contain the attack and is currently working with expert advisers to investigate the incident and minimize the ongoing IT disruption.

The club has extensive protocols and procedures in place for such an event and had rehearsed for this risk. Our cyber-defenses identified the attack and shut down affected systems to contain the damage and protect data.”


According to the club, Saturday’s match against West Bromwich Albion continued as planned. And all critical systems remained secure and operational. 

Daniel Normal, SSA said that this “cyber attack is alarming but will certainly be the last of its kind. Many hackers see cyberattacks as a game, with organizations being the target. 

The pedigree for this attack does not get more famous than one of the biggest names in sports. It is no surprise that this giant of the sporting world has been targeted.”

And he’s right. Manchester United isn’t the first pro soccer team being targeted by cybercriminals. Something similar happened to F.C. Barcelona in February, after falling victim to a credential-stuffing attack. 

The official “Barca” Twitter account was taken over, and Tweets were sent out to support Brazilian star Neymar Jr. getting back to the club’s roster. This was the second time they go for them: The gang took Facebook Page’s access in 2017.

OurMine hacking collective was the one to take credit for this attack, recently after stealing official Twitter accounts of 15 different NFL teams in January.

And finally, it was Man U.’s top rivals, Liverpool F.C. who fell prey to the attacks in July 2018. They got to harvest sensitive data from season-ticket holders. 

Daniel Normal confirms that “Elite soccer teams are arguably some of the ripest targets for cyber attackers, with significant sums of money flowing through their books across geographical boundaries, with different teams working around the clock in sales, marketing, branding, healthcare, and management. 

Moreover, a soccer team’s supply chain is extensive and diversified – the volume of customer data shared on match days, on club websites, fan forums, sponsor sites, and elsewhere provides attackers with several technical and potential human vulnerabilities that can be exposed.”

Thankfully, Manchester United has restored its internal IT after the attack. The National Cyber Security Centre assisted to ensure everything’s alright before getting back to “normal.”

An example of this, was the staff’s email being unavailable throughout the process.

They assure being aware of the incident but didn’t want to expand on those behind the attack. 

To be fair, does it even matter?

Probably not. If your business got its operational infrastructure disrupted as well, the only thing that would matter to you… Is to get it back as soon as possible, and to assure it doesn’t happen ever again.


We can help with both. But you need to take action.