It sounds like United had pretty good safeguards in place, but without those they could feasibly get all of our credit card details.
You’ve obviously got an insight into cyber attacks. What would you imagine the most likely purpose of an attack would be on the club? Customer‘s financials? Confidential club info? Or is a cyber attack too broad a description to decipher?
hard to say really but I think it’s likely to be after the high level emails/files from the likes of Woodward that talk about the clubs strategy ie plans for a European super league, project big picture etc. We are effectively deciding the future of world club football at the moment and this would be of interest to nations, governments and football clubs. I doubt in this case it would be done to obtain customer details.
these sophisticated organised attacks as described by the club are often nation state sponsored and it would not surprise me if Qatar and/or the UAE or others are behind it at arms length so it can’t be tracked back to them, given the implications for their investments. The Chinese do this all the time.
I’d be interested to see how they did it. It’s not like the movies where someone types really fast on a laptop and suddenly they’re in to the whole network. If the safeguards really are as good as the club says then there will have been months of probing and moving across machines to find the right privileges to get access to data. The only way to combat against it is to surface the attack before they get to machines/permissions in the network (like Woodies laptop) and isolate the infected devices before it’s too late.
edit: rumours are that it was a THIER ransomware that someone clicked on. Unclear what this means. I imagine it will be all hands to pumps to figure out what was actually taken. It can be difficult to tell especially early on and many ransomware attacks can blag their way to money even when they haven’t got the full amount of data they claim to have.