FC Barcelona Reports and Resolves Cyber Attack on Access Management Systems

• FC Barcelona was the target of a cyberattack that impacted its user services and systems.
• While the nature of the attack was not divulged, the public announcement mentioned its scope was limited.
• The football Club initiated complementary security measures to mitigate the risk of any similar future occurrences.

FC Barcelona has disclosed details of a recent cyber attack that targeted its access management systems. Over the weekend, the Club detected what it described as a "limited-scope" incident. 

Initial assessments confirm that the attack had minimal impact on user services and the information processed within the systems, ensuring there was no risk of identity theft at any point.

Recognizing the growing prevalence of cyber threats, the Club emphasized that it consistently experiences such attempts and has implemented robust cybersecurity measures designed to safeguard its infrastructure. 

Following the swift identification and resolution of this incident, FC Barcelona reported the breach to Spain's data protection authority, the Agencia Española de Protección de Datos (AEPD), in line with regulatory requirements. 

Furthermore, complementary security measures have been initiated to mitigate the risk of any similar future occurrences.

The Club reiterated its commitment to preserving the privacy and security of its members, partners, and fans. "With the rapid detection and resolution of this incident, the Club wishes to demonstrate, once again, its commitment to the privacy and security of our members and fans," said a statement released by FC Barcelona. 

Efforts to continuously improve its systems reflect a proactive approach to ensuring a safe and protected digital environment.

This incident highlights the challenges organizations face in an era of increasing cyber threats. FC Barcelona's handling of the issue serves as a reminder of the importance of robust security protocols and the need for ongoing vigilance in protecting sensitive information.

In December 2024, a Bologna FC data breach was claimed by the RansomHub Ransomware threat actor on the gang’s leak site. The football club confirmed the security incident that impacted a cloud server and the club’s internal network and among the stolen details are reportedly some that concern coach Vincenzo Italiano.