The EFL has warned clubs following a series of cyber attacks involving both Bristol City and Sheffield Wednesday in recent weeks.
Mail Sport understands that the situation is so serious that panicked teams have called in external agencies to help address this increasingly worrying problem.
Hackers have targeted many of the league’s larger clubs, hunting for the personal details of season ticket holders and people on email lists. If they are successful, the information, which can include passwords, is often sold to various buyers, thought to include organised crime networks, who may then attempt to use the data to carry out various scams.
Earlier this month, multiple emails were sent out by senior officials at both the Robins and Owls. They contained links and, despite coming from official addresses, were in fact the work of hackers who had managed to get into the systems of both clubs.
The EFL quickly issued a warning to all clubs following the problems at Bristol City, warning them not to open emails from Bristol Sport’s finance director Vicki Long.
The EFL has issued a warning to clubs following a series of cyber attacks
Cyber breaches have been reported at both Sheffield Wednesday and Bristol City in recent weeks
Mail Sport understands that the situation is so serious that panicked teams have called in the help of external agencies
A similar situation unfolded on Wednesday, with suspicious emails being sent from the account of CFO John Redgate. Both clubs reacted quickly and raised the alarm with those affected.
Earlier this month, League One Charlton Athletic contacted police after being hit. EFL bosses have told clubs the problem is growing and have urged them to be more vigilant given the sensitive data they hold.
Leeds United appear to be leading the response, with the club’s information security manager, Graham Peck, drawing up a list of cybersecurity contacts on both sides to ensure information is shared and to support rapid responses.
In May, Aston Villa launched an investigation into reports of a data breach. Although they found a vulnerable area, which they subsequently closed, they found no evidence of unauthorised access or password sharing.