Manchester United Football Club hit by Cyber Attack - BrightCloud Technologies
Happy Users | Better Business

Sales 0370 770 9722
Support 0370 770 4548

Manchester United Football Club hit by Cyber Attack

November 24th, 2020 by Kris Price

FootballLate on Friday evening 20th November, Manchester United released a statement announcing they had been victims of a cyber-attack. The statement described the attack as “a sophisticated operation by organised cyber criminals”.

The statement also said the club wasn’t aware (yet) of any breaches to customer personal data. As all businesses are aware, or at least should be, by law any data breach must be reported to the Information Commissioners Office (ICO) within 72 hours of the data breach being detected. This was introduced as part of GDPR. If the breach has managed to obtain personal information on any individuals, it is also the businesses duty to contact each affected person. As it stands Manchester United have followed proper protocol and confirmed the breach has been reported to the ICO.

With Manchester United hosting West Bromwich Albion in a Premier League clash on Saturday night, the club was keen to stress that the systems affected wouldn’t have an impact on the match, so it could still go ahead (Manchester won the game 1-0, some would say they wished the game hadn’t gone ahead as it was somewhat underwhelming!).

The statement from the club reads:

“Manchester United can confirm that the club has experienced a cyber-attack on our systems. The club has taken swift action to contain the attack and is currently working with expert advisers to investigate the incident and minimise the ongoing IT disruption.

Although this is a sophisticated operation by organised cyber criminals, the club has extensive protocols and procedures in place for such an event and had rehearsed for this eventuality. Our cyber defences identified the attack and shut down affected systems to contain the damage and protect data.

Club media channels, including our website and app, are unaffected and we are not currently aware of any breach of personal data associated with our fans and customers. We are confident that all critical systems required for matches to take place at Old Trafford remain secure and operational and that tomorrow’s game against West Bromwich Albion will go ahead.”

Manchester United also confirmed this attack was something they had “rehearsed” for, but no information was provided about what this entailed.

These types of attacks are all too common, and in the last couple of years some other global organisations have also seen similar attacks, earlier this year I blogged about the Travelex cyber-attack and its impact.

To help combat such attacks, BrightCloud can offer several services and solutions, including Backup as a Service (BaaS) and Disaster Recovery as a Service (DRaaS). Both act, to varying degrees, as an insurance policy if you suffer a similar attack to Manchester United.

One of the ways cyber criminals can attack systems is through malware. This software works in various ways depending on the strain infecting a system. A common infection method is when an unwitting user opens a link or file on an email from a spoof email address pretending to be from a popular mobile phone or computer brand, for example. Opening this file or link can then download the malware onto the businesses systems. This file can sit there dormant, for weeks or months. Then it can trigger randomly, going about corrupting files, so when users open an infected file they may be prompted with a note saying the file is encrypted and the user must pay a ransom to unlock the file – this is known as Ransomware.

There are several ways, using BrightCloud’s services, the infected file or systems can be protected and recovered.

Whilst Manchester United appear to have avoided a major disaster following the cyber-attack, using something like Asigra’s Attack-Loop technology may have avoided the situation altogether, if the attack was indeed malware related. The malware was sophisticated enough to bypass any on access scanning and anti-virus software Manchester United should have in place, however with Asigra’s technology, the malware would have been detected and highlighted to the IT staff at the club.


Want to find out more? CALL US: 0370 770 9722   or    EMAIL US


BrightCloud have proved to be exceptional hosts for the Trust’s system. BrightCloud are fully conversant with the software, which enables their suppo…



BrightCloud part of the Open Reality Group