Was PSG the victim of a cyberattack? In any case, this is what the message sent to its customers this Monday April 8 suggests.
“Madam, Sir, on April 3, the Information Systems Department of Paris Saint-Germain was challenged by unusual access attempts to the club's ticketing system,” it is written. Our teams detected a vulnerability which they resolved in less than 24 hours. To this end, additional security measures were immediately implemented. »
The press release continued: “Paris Saint-Germain notified this violation to the CNIL on April 5. In this context, and in accordance with the law, Paris Saint-Germain must inform people likely to be affected by this malicious act. This is the purpose of this communication. »
The club then tries to be reassuring: “Based on the attempts observed, nothing indicates, to date, that data has been extracted or exploited by a malicious third party. »
An extract from the letter sent by PSG. Screenshot.
He nevertheless explains that “the violation concerns identity data: name, first name, email and postal address, mobile number, date of birth and account status” as well as “the IBAN numbers concerned”. For the latter, however, “only the last three digits were legible”.
As the quarter-final of the Champions League, eagerly awaited by the Parisian ultras, approaches, PSG is reassuring with its supporters. It indicates that it “remains very vigilant about the possible impacts linked to this event and ensures that it has taken all measures to remedy them”.