Security News > 2020 > November > Manchester United email servers remain offline amid what is being called a 'ransomware' attack

Players' managers looking to lift salaries by a couple of million pounds or so better check their email read receipts: a full week after Manchester United was hit by hackers, many of its systems remain offline, with at least one report claiming the club is being shaken down for ransom.
In a statement, the football club told The Register: "Following the recent cyber attack on the club, our IT team and external experts secured our networks and have conducted forensic investigations. This attack was by nature disruptive, but we are not currently aware of any fan data being compromised."
The club spokesman would again not be drawn on whether or not the attack was ransomware as reported but reiterated the club has informed the Information Commissioner's Office of the attack, something that is mandatory for organisations to do if personal data is compromised in a data security incident.
Jon Niccolls, EMEA & APAC incident response lead at Check Point, told The Register: "It's not a surprise that the attack which hit the club is reportedly a 'double extortion' ransomware attack, where the hackers both steal data and threaten to leak it unless their demands are met, as well as encrypting it to disrupt normal operations. These attacks were first seen a year ago, and have been a fast-growing trend in 2020 because they put extra pressure on organizations to pay the ransom or risk large fines from data watchdogs if large volumes of individuals' data is compromised."
The aftermath of a ransomware attack can be painful for a few days if done from backups, or it can be devastating.
News URL
https://go.theregister.com/feed/www.theregister.com/2020/11/27/manchester_united_ransomware_report/
Related news
- Ransomware on ESXi: The mechanization of virtualized attacks (source)
- OneBlood confirms personal data stolen in July ransomware attack (source)
- Over 660,000 Rsync servers exposed to code execution attacks (source)
- Enzo Biochem settles lawsuit over 2023 ransomware attack for $7.5M (source)
- Medusa ransomware group claims attack on UK's Gateshead Council (source)
- Ransomware attack forces Brit high school to shut doors (source)
- Ransomware gangs pose as IT support in Microsoft Teams phishing attacks (source)
- Security pros more confident about fending off ransomware, despite being battered by attacks (source)
- The curious story of Uncle Sam's HR dept, a hastily set up email server, and fears of another cyber disaster (source)
- Only 13% of organizations fully recover data after a ransomware attack (source)