It is fair to say striker Jamie Vardy has got Leicester City out of a few scrapes over the years but even he will be hard-pushed to rescue the club from being thrashed by the Information Commissioner’s Office following a hack attack which has left fans’ personal data more exposed than a team with a one-armed goalie.
The former Premier League champions now face an ICO investigation into how the personal and financial details of supporters registered with Leicester City Football Club, have been compromised in a breach of the club’s online store.
Cyber criminals gained access to the club’s systems between April 23 and May 4, with cardholder names, card expiry dates, card numbers, and the three-digit CVV anti-fraud numbers potentially pilfered.
The club notified relevant authorities including the ICO shortly after the breach was discovered, with affected supporters informed through an official club notice. Leicester City has subsequently disclosed several further details around the hack.
A club spokeswoman told the Leicester Mercury: “Upon discovery of the breach, the security of our retail platform was immediately restored and appropriate measures were taken to ensure the security of all other online assets,
“In line with its GDPR responsibilities, the club informed all necessary parties, including potentially affected users, the police and the ICO, and launched an immediate investigation into the source of the breach.
“The investigation is currently ongoing. The club has been in direct contact with all users that were potentially affected by this breach.”
The club has now vowed to take “all legal recourse against those responsible for this malicious attack”.
The ICO confirmed: “Leicester City Football Club has made us aware of an incident and we are making enquiries.”
Half of UK firms would pay ransom to avoid GDPR fine
ICO reveals it has 10,000 data breach cases to probe
Uber fined £900,000 over ‘complete disregard’ for data
TalkTalk back in dock for keeping quiet over stolen data
Top tourist attractions hit by 110m data theft attacks
Over 40% of firms suffered cyber breach in past year
Firms warned over new wave of nefarious cyber attacks