Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

AFC Ajax hit by network compromise

Incident
First reported
Last updated
Happening score
H score 8
1 unique sources, 2 articles

Summary

Hide ▲

AFC Ajax disclosed a systems compromise that exposed fan data and created ticketing-integrity risk for a few hundred people. The club said a hacker in the Netherlands unlawfully gained access to parts of its systems and viewed data, including names, email addresses, and dates of birth for fewer than 20 people with stadium bans. The breach also enabled ticket transfers and modification of ban records, increasing the risk of unauthorized account changes. Ajax says the identified issues were patched and authorities were notified.

Related Happenings

Dutch National Police arrest Ajax hack suspect

Law Enforcement
First: 27.05.2026 12:09 Last: 27.05.2026 12:09 Sources 1

How related: "On the morning of Tuesday, May 26, the police arrested a 35-year-old man from the municipality of Buren for computer trespassing at the Amsterdam football club Ajax. The man is suspected of deliberately unlawful intrusion into Ajax's computer systems several times," the police said.

About this happening: The **Dutch National Police** arrested a **35-year-old man from Buren** in a **computer trespassing** case tied to **Ajax Amsterdam (AFC Ajax)**, escalating a criminal probe into...

Open Happening

First VPN takedown by Europol and French-Dutch authorities

Law Enforcement
First: 21.05.2026 16:09 Last: 21.05.2026 16:09 Sources 1

About this happening: **Europol** and **French and Dutch authorities** took **First VPN** offline in a cross-border operation that also **seized servers** and **arrested the administrator**. The case m...

Open Happening

European Commission hit by cyberattack

Incident
First: 27.03.2026 14:22 Last: 27.03.2026 14:22 Sources 1

About this happening: The **European Commission** is investigating a **security breach** after a threat actor gained access to its **Amazon cloud infrastructure**. At least **one account** used to mana...

Latest development: 03.04.2026 09:33

CERT-EU attributes the European Commission cloud breach to TeamPCP, and ShinyHunters published a 90GB archive of documents on a dark web leak site on March 28, exposing names, email addresses, and email content. CERT-EU says the exfiltrated data relates to websites hosted for up to 71 clients of the Europa web hosting service, including 42 internal European Commission clients and at least 29 other Union entities, and no websites were taken offline.

Open Happening

Odido hit by network compromise

Incident
First: 12.02.2026 20:18 Last: 12.02.2026 20:18 Sources 1

About this happening: **Odido** said a **cyberattack** exposed personal data from its **customer contact system**, affecting **6.2 million customers** after unauthorized access was detected on the week...

Latest development: 24.02.2026 13:40

ShinyHunters claimed responsibility for breaching Dutch telecommunications provider Odido, added the company to its dark web leak site, and said it had stolen nearly 21 million records. The gang also claimed the stolen material includes internal corporate data and plaintext passwords, while Odido denied that passwords, call details, social security numbers, or billing data are involved.

Open Happening

Ivanti EPMM mobile-data theft campaign targeting European governments

Campaign
First: 10.02.2026 11:45 Last: 10.02.2026 11:45 Sources 1

About this happening: A **coordinated Ivanti EPMM campaign** is now linked to breaches at multiple **European government** bodies, raising concern that staff and mobile-user data were exposed across se...

Latest development: 13.02.2026 00:05

Shadowserver tracked another more voluminous wave of attempted attacks against European government targets around Feb. 9, 2026, and Greynoise said 83% of the exploitation spike came from a single IP address on a bulletproof hosting service rather than the IOCs Ivanti published.

Open Happening

Timeline

  1. 27.05.2026 12:09 1 articles · 9h ago

    Dutch police arrest suspect for repeated unauthorized access to AFC Ajax systems

    Legal Policy Action Update

    Dutch National Police arrested a 35-year-old man from the municipality of Buren on Tuesday, May 26, 2026 for computer trespassing at AFC Ajax after he was suspected of repeatedly gaining unauthorized access to the club's computer systems. The arrest followed an investigation into exploitation of vulnerabilities in AFC Ajax systems that exposed data belonging to a few hundred individuals and enabled changes to stadium bans and ticket transfers.

    Show sources
    Open in new tab
  2. 26.03.2026 22:37 2 articles · 2mo ago

    AFC Ajax discloses unauthorized access to fan data and ticketing records

    Initial Disclosure

    AFC Ajax disclosed that a hacker in the Netherlands unlawfully gained access to parts of its IT systems, viewed data for a few hundred people, and accessed names, email addresses, and dates of birth for fewer than 20 people with a stadium ban. The same vulnerabilities also enabled transfers of purchased tickets and modifications to stadium bans, while RTL journalists independently verified the flaws and reported broad access to fan data via APIs and shared keys. AFC Ajax said it engaged external experts to determine the scope and root cause, patched all identified vulnerabilities, added extra security measures, and notified the Dutch Data Protection authority and the police.

    Show sources
    Open in new tab