Soccer field
Image: Unsplash/Photomosh

Royal Dutch Football Association says hackers stole employee data

The governing body for soccer in the Netherlands said Tuesday that hackers were able to steal the personal information of its employees during a cyberattack.

Marianne van Leeuwen, director of professional football at the Royal Dutch Football Association, said in a statement that all of the organization’s servers were investigated to figure out the impact of the attack on their campus network.

“Earlier it became clear that primary business operations will not be jeopardized and that e-mail systems, for example, have remained unaffected. So football will continue as planned. But it is now also clear that the cybercriminals have illegally obtained personal data from KNVB employees,” van Leeuwen said.

“Details of this data are under investigation. The cyber break-in has been reported to the Dutch Data Protection Authority. Despite our security system, the KNVB has now also fallen victim to this. We are particularly sorry that our employees may have to deal with this.”

The organization did not respond to requests for comment about whether the incident involved ransomware and how many employees were affected.

The Royal Dutch Football Association runs the country’s main soccer leagues, the KNVB Cup, and the Dutch men's and women's national teams as well as amateur leagues.

The organization is based in Zeist and has more than 1.2 million members, making it the largest sports association in the country.

There have been several high-profile cyberattacks on soccer institutions in recent years. The National Cyber Security Centre (NCSC) released a report in 2020 that outlined a range of attacks, including a ransomware attack on a Premier League team that severely damaged its corporate systems, even crippling the turnstile system and nearly forcing the team to cancel a game.

Hackers nearly stole $1.2 million from another Premier League club by breaking into the email account of a team’s director during a transfer negotiation. The business email compromise almost allowed them to move the transfer fee into bank accounts controlled by the hackers.

A similar scheme was successfully conducted in 2018 on the email account of an Italian Series A soccer club official. More than $1.75 million was stolen by hackers who managed to siphon off payments made to the team by a streaming platform. The Spanish National Police eventually arrested 11 people involved in the hack in Barcelona in 2022.

Manchester United also suffered a cyberattack in 2020 that affected several internal systems.

Get more insights with the
Recorded Future
Intelligence Cloud.
Learn more.
No previous article
No new articles

Jonathan Greig

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.