Back

Hack of Ajax Football Club Exposes Fan Data and Leads to Arrest

Severity: High (Score: 67.5)

Sources: Bleepingcomputer, www.rtl.nl, www.politie.nl, Therecord.Media

Published: 2026-05-27 · Updated: 2026-05-27

Keywords: dutch, ajax, police, football, club, suspect, buren

Severity indicators: breach, ot

Summary

A significant cyber breach at Ajax Amsterdam allowed unauthorized access to sensitive data of over 300,000 fans, including the ability to steal or modify 42,000 season tickets and view details of 538 supporters with stadium bans. The attack exploited vulnerabilities in Ajax's IT systems, enabling the hacker to manipulate ticket assignments and access private information. Dutch police arrested a 35-year-old suspect in Buren on May 26, 2026, following an investigation that began after Ajax reported the breach in March. Ajax has since patched the vulnerabilities and notified the Dutch Data Protection Authority. The incident raises serious privacy concerns for affected fans, as their sensitive information could be misused. Key Points: • Over 300,000 Ajax fans' data compromised, including sensitive personal information. • A 35-year-old suspect arrested for exploiting vulnerabilities in Ajax's systems. • Ajax has patched the security flaws and notified authorities about the breach.

Detailed Analysis

**Impact** Over 300,000 registered Ajax fans had their private data exposed, including details on 538 supporters with active stadium bans. Approximately 42,000 season tickets were stolen or rendered unusable. Sensitive personal information, such as stadium bans linked to criminal or disciplinary actions, was accessible, potentially affecting individuals’ privacy and employment. The incident impacted the Dutch football sector and fans primarily in the Netherlands. **Technical Details** The attacker exploited vulnerabilities in Ajax’s IT systems, specifically weaknesses in APIs and shared digital keys used for account management. Manipulation of datapackets allowed unauthorized actions such as ticket reassignment and modification or removal of stadium bans. The breach involved unauthorized access through repeated computer trespassing, with no specific malware or CVEs disclosed. The attacker was identified and arrested in Buren, and multiple digital storage devices were seized for investigation. **Recommended Response** Organizations should immediately patch API vulnerabilities and replace shared digital keys with unique, user-specific credentials. Implement strict access controls and validate all input to prevent unauthorized data manipulation. Monitor for unusual account activity, especially ticket transfers and changes to user privileges. Law enforcement engagement and forensic analysis of seized devices should continue to support attribution and remediation efforts.

Source articles (4)

  • Dutch police arrests suspect linked to Ajax football club hack — Bleepingcomputer · 2026-05-27
    The Dutch National Police arrested a 35-year-old man suspected of hacking the professional football club Ajax Amsterdam (AFC Ajax) earlier this year. The suspect was arrested in Buren and, according t…
  • Tuesday press release — www.politie.nl · 2026-05-27
    De recherche heeft in de ochtend van dinsdag 26 mei een 35-jarige man uit de gemeente Buren aangehouden voor computervredebreuk bij de Amsterdamse voetbalclub Ajax. De man wordt verdacht van meerdere…
  • RTL report — www.rtl.nl · 2026-05-27
    De hack maakt het mogelijk om privégegevens van de meer dan 300.000 geregistreerde Ajax-fans in te zien en de ruim 42.000 seizoenskaarten te stelen of onbruikbaar te maken. De seizoenskaarthouder kan…
  • Dutch police arrest man over cyber breach at Ajax football club — Therecord.Media · 2026-05-27
    The suspect was detained in the central Dutch town of Buren, where law enforcement officers also searched his and seized multiple digital storage devices, according to a statement released Tuesday by…

Timeline

  • 2026-03-01 — Ajax discloses cyber breach: Ajax reported unauthorized access to its systems, affecting hundreds of fans' data.
  • 2026-05-26 — Suspect arrested by Dutch police: A 35-year-old man from Buren was arrested for multiple unauthorized intrusions into Ajax's systems.
  • 2026-05-27 — Ajax confirms security measures taken: Ajax announced it has enhanced its digital security following the breach and is notifying affected supporters.

Related entities

  • rtl.nl (Domain)
  • [email protected] (Email)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed