Security News > 2020 > November > Manchester United email servers remain offline amid what is being called a 'ransomware' attack

Players' managers looking to lift salaries by a couple of million pounds or so better check their email read receipts: a full week after Manchester United was hit by hackers, many of its systems remain offline, with at least one report claiming the club is being shaken down for ransom.

In a statement, the football club told The Register: "Following the recent cyber attack on the club, our IT team and external experts secured our networks and have conducted forensic investigations. This attack was by nature disruptive, but we are not currently aware of any fan data being compromised."

The club spokesman would again not be drawn on whether or not the attack was ransomware as reported but reiterated the club has informed the Information Commissioner's Office of the attack, something that is mandatory for organisations to do if personal data is compromised in a data security incident.

Jon Niccolls, EMEA & APAC incident response lead at Check Point, told The Register: "It's not a surprise that the attack which hit the club is reportedly a 'double extortion' ransomware attack, where the hackers both steal data and threaten to leak it unless their demands are met, as well as encrypting it to disrupt normal operations. These attacks were first seen a year ago, and have been a fast-growing trend in 2020 because they put extra pressure on organizations to pay the ransom or risk large fines from data watchdogs if large volumes of individuals' data is compromised."

The aftermath of a ransomware attack can be painful for a few days if done from backups, or it can be devastating.

News URL

https://go.theregister.com/feed/www.theregister.com/2020/11/27/manchester_united_ransomware_report/