Manchester United's scouting operation has been thrown into chaos by the cyber attack on their computer systems.
It's feared confidential material regarding player targets and on-going scouting missions may have been compromised in the sophisticated and malicious attack which crippled their IT system over a week ago.
United have revealed investigations are still on going by forensic cyber experts to discover what, if any, sensitive material the hackers may have harvested during their operation.
It's been widely reported the cyber criminals have demanded a multi-million pound 'ransom' from United to prevent confidential information being leaked but club officials refuse to confirm they are victims of ransomware.
But it's clear United are still reeling at the disruption caused by the hackers with the club's entire e mail system still disabled more than week after the breach.
That's impacted United's global scouting operation with the January transfer window just weeks away and advanced planning underway for player activity next summer.
Like all top clubs, United operate a bespoke online scouting system based around analysis data and video.
It's believed that system is now part of the forensic investigation taking place.
All details on active long and short-term player targets are held in files within the system and it's thought that confidential material along with sensitive personal details of their current squad may have been targeted.
Jon Nicholls, incident response lead at network security experts Check Point, has praised United for responding swiftly to the attack – but says it' evidence of a worrying trend for big clubs.
“It isn’t clear what type of attack hit the club, but as their statement mentioned that it ‘shut down affected systems to contain the damage and protect data,’ this suggests ransomware.
“And possibly a double extortion attack where the attackers both steal data with the threat of leaking it, as well as encrypting it to disrupt operations” says Nicholls.
“These are a fast-growing trends in 2020, and organizations such as football clubs are a prime target as their systems hold the details of hundreds of thousands of people including fans, employees, players as well as sensitive business and payment data.”
United say no external source has control of their systems and the process to restore key internal services are well advanced.
And they continue to insist they aren't aware of any fan data being compromised by the criminals behind the attack although forensic tracking is still being undertaken by cyber experts.
Sign up for the Mirror Football newsletter here
