Football Association of Ireland suffered from a security breach of their payroll systems

Football Association of Ireland (FAI) confirmed that they have suffered from a security breach of their payroll systems. This security breach has been discovered last month (i.e. in June 2019).

The FAI also said that no staff data got compromised in this security breach. It was earlier feared that the hackers might have stolen the bank details for the leading FAI employees as well as the officials, like manager of Ireland Mick McCarthy, and thus the staffs have been told to check their bank accounts for any kind of unusual activity.

FAI has confirmed that the source of this latest hacking attempt was one malware infection, which was targeting the payroll systems at their Abbotstown headquarters in Fingal County of Ireland and was discovered during June Bank Holiday.

Irish Independent was previously told by the organisation that these systems stored the names, bank account details, contact details, salaries as well as Personal Public Service numbers of the staff.

"Upon becoming aware of the incident, the FAI immediately engaged external computer forensic experts to assist with investigating the incident," said the organisation in a statement that was issued on July 3, 2019, to all the former as well as current staff. "These investigations found malware on a payroll server but the FAI have assured staff, and former staff, today that there is no evidence of any of their data being extracted from the server".

In their latest statement, the FAI noted that all the payment data were actually stored off-site, and the details related to the ticket sales have been managed by a third-party, and thus were not affected. The FAI also said that the FAInet system, introduced in 2016, that manages the player registration details was also not affected.

The organisation added that "the FAI have treated this matter very seriously and are focused on closing out this incident and preventing any further security incidents".

The FAI contacted the Irish Office of the Data Protection Commission immediately after discovering the breach - even if there was a chance that it might turn into a big PR disaster. Moreover, the police service was also informed by the FAI.

» SPAMfighter News - 7/29/2019