collapse collapse

Please donate to help towards the costs of keeping this site going. Thank You.

Recent Topics

Recent Posts

Follow us on...

Author Topic: Villa possibly hacked?  (Read 4193 times)

Offline rjp

  • Member
  • *
  • Posts: 1249
  • Location: Leicester
  • aka Rob
  • GM : 13.05.2025
Re: Villa possibly hacked?
« Reply #15 on: May 22, 2024, 10:10:36 AM »
FFS.  Policies and procedures should be in place to make sure that having this open to the public can never happen, even with non-production data.  I would be sacked on the spot if I did this in my job.  Encrypting the data is also simple and should be mandatory for personally identifiable information.  This is basic, schoolboy level, info sec practice.  If the logs show a breach they have to report it to the ICO by law.  I don't think we do any of these IT functions in house anymore, pretty sure we contracted it out years ago.

Offline purpletrousers

  • Member
  • *
  • Posts: 2033
  • Location: Luton / East London
  • GM : 25.04.2025
Re: Villa possibly hacked?
« Reply #16 on: May 22, 2024, 11:15:35 AM »
Check here to see if any of your details are 'out there' :-

https://haveibeenpwned.com/

That’s what a hacker would ask us to do.
nearly fell for it just now


Feel free to do your own  checks but I’ve used it before (with startling results) and did again. 

I’ve seen some reviews which argue they could make the way email addresses are submitted a bit more secure, and it’s not the only such service, but generally there seems to be a sense it’s a useful tool, I’d be happy if this clearly more ITK could give a more confident assessment . One review pointed out if you are taking the time to check if you are exposed pointed out you should be taking the time to use different passwords on every app/website.

Offline olaftab

  • Member
  • *
  • Posts: 41783
  • Location: Castle Bromwich
  • GM : 11.10.2025
Re: Villa possibly hacked?
« Reply #17 on: May 22, 2024, 11:48:23 AM »
Good job I changed all my online passwords last week from “Athens2024” to “Munich2025”.
You sound like a really switched on bloke, I will follow in your footstep and do the same. Munich2025 it is. (nods head and walks away feeing rightly smug)

Offline Bad English

  • Member
  • *
  • Posts: 45480
  • Age: 150
  • Location: Pyrénées Catalanes, France
  • I am Perpignan Villa
  • GM : 29.03.2025
Re: Villa possibly hacked?
« Reply #18 on: May 22, 2024, 12:26:37 PM »
I have gone for a new, longer password with a mixture of upper and lower case, a number, and a special character. This will take centuries to crack
SCORRRRRRrRRRRRRRRRRRRRRRRRRRCHI0OOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO!

Offline sid1964

  • Member
  • Posts: 3313
  • Location: Dudley, not far from the Castle
Re: Villa possibly hacked?
« Reply #19 on: May 22, 2024, 12:44:19 PM »
If you do your shopping at Morrisons supermarket this has also been hacked.

Online Drummond

  • Member
  • *
  • Posts: 30474
  • Age: 53
  • Location: My own little world.
  • GM : 11.10.2025
Re: Villa possibly hacked?
« Reply #20 on: May 22, 2024, 01:11:04 PM »
I have gone for a new, longer password with a mixture of upper and lower case, a number, and a special character. This will take centuries to crack
SCORRRRRRrRRRRRRRRRRRRRRRRRRRCHI0OOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO!

"I'm sorry, you cannot have the same password as another user; this password was used earlier today. Please speak to your internet provider if you require any further information."

Offline purpletrousers

  • Member
  • *
  • Posts: 2033
  • Location: Luton / East London
  • GM : 25.04.2025
Re: Villa possibly hacked?
« Reply #21 on: May 23, 2024, 12:14:07 PM »
https://www.avfc.co.uk/news/2024/may/22/club-statement/

Yesterday 22/5

Quote
Aston Villa is aware of recent news reports of a publicly accessible AWS S3 bucket which reportedly contains fan data.

First and foremost, Aston Villa takes the privacy and security of its fans’ personal data extremely seriously and is carrying out a full and robust investigation into these reports, led by its Data Protection Officer and supported by the Club’s incident response team.

The Club believes that the reports relate to a vulnerability on one of its service provider’s systems and is working closely with the service provider, who are implementing their own in-depth inquiry.

Aston Villa will continue to communicate any updates from the ongoing investigation in due course but would like to reassure supporters that the Club is seeking a swift and thorough resolution to the matter.

Online Somniloquism

  • Member
  • *
  • Posts: 27682
  • Location: Back in Brum
  • GM : 06.12.2024
Re: Villa possibly hacked?
« Reply #22 on: May 24, 2024, 02:47:34 PM »
Not sure I agree with that (well actually, I’m totally sure, I don’t agree with it)  bad security is bad security whether it’s in the cloud or a traditional standalone data centre, and web services have to talk to it, regardless, there’s nothing intrinsically unsafe about data being in the cloud.

It’s still in a data centre.

Knowing what the ip address is also makes no difference - the content running in your browser hits a web service somewhere to be able to do anything. It being on AWS or Azure rather than an independent data centre makes zero difference.

In fact, I’d argue cloud providers probably provide better baked in security in their infrastructure than your average business running its own servers in a dark room at the back of their office somewhere.

It is not the cloud providers specific security I was getting at, just that in the old days when apps were server based and "onsite", the infra teams would/should have setup DMZ's which allowed controlled access to the website, and even more controlled access to the data stores behind it. Not unhackable but at least the control was there.

Nowadays with it all being PaaS driven, and "easier" to create for Developers without infrastructure being in place, you get them firing up storage accounts (Azure) or buckets (AWS) which default to being accessible from anywhere. They can be locked down for private network access or only available from some public addresses (like the webapps), but it relies on the developer knowing how to do this (and encrypting it on read/write etc for added security). And sometimes they forget, or find it too problematic when working with scaling out solutions where the IP addresses accessing can change at a whim.

But anyway, purpletrousers post from the club has me even more concerned. The release seems to be this was something they didn't know about until the link originally posted by Amfy, yet it was first discovered and reported to the club by the website in March. That will really be big no-no from the ICO which needs to be informed of significant breaches of data within 72 hours of the club being alerted. An internal failure of alerting the clubs DPO is not an excuse there as it is up to the organisation to train staff on DPA practices. (And whoever the service provider is also probably needs dropping as well).

Offline usav

  • Member
  • *
  • Posts: 15698
  • Location: Pittsburgh, PA.
  • GM : 24.05.2025
Re: Villa possibly hacked?
« Reply #23 on: May 24, 2024, 03:19:11 PM »
Not sure I agree with that (well actually, I’m totally sure, I don’t agree with it)  bad security is bad security whether it’s in the cloud or a traditional standalone data centre, and web services have to talk to it, regardless, there’s nothing intrinsically unsafe about data being in the cloud.

It’s still in a data centre.

Knowing what the ip address is also makes no difference - the content running in your browser hits a web service somewhere to be able to do anything. It being on AWS or Azure rather than an independent data centre makes zero difference.

In fact, I’d argue cloud providers probably provide better baked in security in their infrastructure than your average business running its own servers in a dark room at the back of their office somewhere.

It is not the cloud providers specific security I was getting at, just that in the old days when apps were server based and "onsite", the infra teams would/should have setup DMZ's which allowed controlled access to the website, and even more controlled access to the data stores behind it. Not unhackable but at least the control was there.


We can have a geek-off in another part of the forum if you want, but I'm with Paulie here.  On-site vs cloud makes no difference.  Those same "infra teams" you called out should still be doing that same work, just in the cloud now or both if hybrid.  If companies are cutting corners on that and assuming the cloud provider will do it all for them, then that is on them.

Offline Dogtanian

  • Member
  • *
  • Posts: 7017
  • Location: The Streets of Rage ( Tamworth )
  • GM : 06.06.2025
Re: Villa possibly hacked?
« Reply #24 on: May 24, 2024, 03:34:27 PM »
Not sure I agree with that (well actually, I’m totally sure, I don’t agree with it)  bad security is bad security whether it’s in the cloud or a traditional standalone data centre, and web services have to talk to it, regardless, there’s nothing intrinsically unsafe about data being in the cloud.

It’s still in a data centre.

Knowing what the ip address is also makes no difference - the content running in your browser hits a web service somewhere to be able to do anything. It being on AWS or Azure rather than an independent data centre makes zero difference.

In fact, I’d argue cloud providers probably provide better baked in security in their infrastructure than your average business running its own servers in a dark room at the back of their office somewhere.

It is not the cloud providers specific security I was getting at, just that in the old days when apps were server based and "onsite", the infra teams would/should have setup DMZ's which allowed controlled access to the website, and even more controlled access to the data stores behind it. Not unhackable but at least the control was there.


We can have a geek-off in another part of the forum if you want, but I'm with Paulie here.  On-site vs cloud makes no difference.  Those same "infra teams" you called out should still be doing that same work, just in the cloud now or both if hybrid.  If companies are cutting corners on that and assuming the cloud provider will do it all for them, then that is on them.

The amount of times a software company has told me they have ISO 27001 certification and it turns out they mean that the hosting company they use has 27001 is ridiculous.

That's the problem, people think solutions are secure because they ought to be, but companies don't have the information security knowledge in place to make sure their suppliers actually are secure.

Offline Weedy

  • Member
  • Posts: 595
  • Location: Elmdon Heath
Re: Villa possibly hacked?
« Reply #25 on: May 24, 2024, 07:03:31 PM »
Check here to see if any of your details are 'out there' :-

https://haveibeenpwned.com/

That’s what a hacker would ask us to do.
nearly fell for it just now


Feel free to do your own  checks but I’ve used it before (with startling results) and did again. 

I’ve seen some reviews which argue they could make the way email addresses are submitted a bit more secure, and it’s not the only such service, but generally there seems to be a sense it’s a useful tool, I’d be happy if this clearly more ITK could give a more confident assessment . One review pointed out if you are taking the time to check if you are exposed pointed out you should be taking the time to use different passwords on every app/website.

The site is safe - I first used it when LinkedIn was had a data breach in 2016.
The email address I used for that site was one of those exposed and so I changed may password.
I periodically check my main email addresses to make sure.

This is what you get if your email address hasn't been compromised:



and if it has - this is the email address i used for LinkedIn - as you can see it was then passed around, fortunately since I'd changed the password the only problem I get now is spam sent to that address.




If in doubt - change your password.

Online Olneythelonely

  • Member
  • *
  • Posts: 7273
  • GM : 03.03.2025
Re: Villa possibly hacked?
« Reply #26 on: May 24, 2024, 10:23:49 PM »
That’s what a hacker would ask us to do

Offline purpletrousers

  • Member
  • *
  • Posts: 2033
  • Location: Luton / East London
  • GM : 25.04.2025
Re: Villa possibly hacked?
« Reply #27 on: May 24, 2024, 10:42:34 PM »
Check here to see if any of your details are 'out there' :-

https://haveibeenpwned.com/

That’s what a hacker would ask us to do.

I hadn’t realised there was a touch of the ‘Who is Dan Bardell?’ To this.


Thanks for the above Weedy. Would rather someone more expert advised others :)

Offline Chris Harte

  • Member
  • Posts: 12296
Re: Villa possibly hacked?
« Reply #28 on: May 29, 2024, 10:20:29 AM »
The original article about this on the OS has been updated. The club has been informed by the service provider that no password or payment data has been compromised.

Offline LeeB

  • Member
  • Posts: 33462
  • Location: Standing in the Klix-O-Gum queue.
  • GM : May, 2014
Re: Villa possibly hacked?
« Reply #29 on: May 29, 2024, 10:23:14 AM »
The original article about this on the OS has been updated. The club has been informed by the service provider that no password or payment data has been compromised.

That's what a hacker would want us to believe.

 


SimplePortal 2.3.6 © 2008-2014, SimplePortal