Manchester United are being held to ransom for millions of pounds after cyber attack

By Myles Dacres

Manchester United are allegedly being held to ransom for millions of pounds by cyber criminals who have crippled the club’s systems.

United have brought in a team of technical experts to contain the potentially ‘disastrous’ attack that was launched more than a week ago.

T the hackers allegedly still have United in their grip after the National Cyber Security Centre on Thursday night confirmed they are helping the club to resolve the crisis.

The lapse of security at one of the world’s biggest sports clubs is believed to be far more serious than first feared. United’s network has been infected by ransomware – a computer virus – and they now face the option of having to pay up or risk seeing highly sensitive information about the club and its stars leaked into the public domain.

It’s unclear who the criminals are or how much they want, but the NCSC revealed that in the last year an EFL club were hit with a £5m demand and the biggest single loss to a sports organisation from cyber-crime was £4m.

United could also face fines of £9m, £18m or two per cent of their total annual worldwide turnover from the independent government body Information Commissioner’s Office if the attack is found to have breached their fans’ data protection – although the club on Thursday night reassured supporters that is not the case.

United has insist the attack will not impact match-day operations. The next home game is against Paris Saint-Germain in the Champions League next week on Wednesday night.

A statement on Thursday 26th November read: ‘Following the recent cyber-attack on the club, our IT team and external experts secured our networks and have conducted forensic investigations.

We sincerely hope Man United can resolve this issue without compromising the data of their players and fans and we hope they can put the proper procedures in place to prevent attacks of this nature happening in the future.

Contact Us

Send us a Message









Data Protection Project
GDPR Gap Analysis/Audit/Review
Outsourced Privacy Officer/DPO
Support Desk
SAR Support
PCI DSS
ISO27001/27701
Cyber Maturity Assessment
NIS Regulations
Information Governance Documentation
DataWise System
Other

We are always happy to make contact with you by either phone, email or a face to face meeting at our office or yours. We work standard UK office hours – every week day 0830 to 1730.


IMPORTANT INFORMATION

We have been advising those people who have contacted us that they should make a complaint to the Information Commissioner’s Office (ICO) using this link https://ico.org.uk/make-a-complaint/nuisance-calls-and-messages/spam-texts-and-nuisance-calls/.  It would be helpful to the ICO if you knew the number that called you, the date and time of the call and what the call seemed to be about.

You might also want to register your phone number with the telephone preference service (TPS), a national suppression service which should cut down calls of this nature as it is not lawful to make unsolicited direct marketing calls to numbers registered on the TPS.  You can register your number here https://www.tpsonline.org.uk/register.

We know that these kind of calls can be distressing and intrusive and you have our sympathy.  Please do not hesitate to contact us if you would like to discuss it with us otherwise we’d encourage you to report it to the ICO as notifying them of this kind of practice enables them to investigate and take enforcement action where necessary.  You can see the action that has been taken by the ICO here https://ico.org.uk/action-weve-taken/enforcement/.

Data Protection People Limited – March 2021