Olympique de Marseille Confirms Cyberattack

In recent news, French professional football club Olympique de Marseille has been targeted in a cyberattack. The attack was confirmed by the club after a threat actor claimed to have breached their systems earlier this month.

Established 126 years ago, Olympique Marseille is a prominent participant in the Ligue 1, the premier division of the French football league system. Notably, the club was the first French team to secure victory in the UEFA Champions League in 1993.

The cyberattack on Olympique Marseille was acknowledged in an official statement released by the club. This confirmation followed assertions made by a threat actor regarding the breach of certain servers belonging to the club.

The threat actor responsible for the cyberattack has purportedly leaked a sample of the stolen data on a hacking forum. They claim to have accessed a database containing information about Olympique Marseille staff and supporters.

According to Olympique Marseille’s statement, the cyberattack was part of a wider trend of increased attacks on large organizations both nationally and internationally. The club’s technical teams and specialized service providers swiftly responded to the incident, ensuring that normal operations continued without compromise. Importantly, the club reassured its supporters that sensitive information like banking details and passwords remained secure.

While the specifics of the data breach were not disclosed by Olympique Marseille, the threat actor alleged that the stolen database contained details of over 400,000 individuals. This information reportedly includes names, addresses, order details, email addresses, and mobile phone numbers.

The stolen data reportedly also includes information on more than 2,050 Drupal CMS accounts, with 34 staff members and 1,770 contributors and moderators among those affected.

The threat actor behind the cyberattack declared their intention to sell the compromised data from Olympique Marseille on a hacking forum. They highlighted the club’s significance as a renowned French football entity with a substantial fan base.

Despite not confirming the data breach, Olympique Marseille took proactive steps by notifying the French data protection authority (CNIL), filing a complaint, and advising fans to remain vigilant against potential phishing attempts. The club’s spokesperson was unavailable for immediate comment when approached by BleepingComputer for further details.

In a similar vein, the French Football Federation (FFF) disclosed a separate data breach in November. This incident involved attackers gaining unauthorized access to administrative management software utilized by football clubs through a compromised account.

Modern IT infrastructure evolves rapidly, outpacing manual workflows. Discover how your team can streamline operations, boost reliability, and scale intelligent workflows using existing tools with the new Tines guide.

Get the guide