CyberIntel ⬡ News
★ Saved ◆ Cyber Reads
← Back ◇ Industry News & Leadership May 28, 2026

Police arrest suspect in Ajax football club hack that exposed 300,000 fan records

Help Net Security Archived May 28, 2026 ✓ Full text saved

The Dutch National Police arrested a man suspected of hacking into the computer systems of AFC Ajax, a football club from Amsterdam. “On the morning of Tuesday, May 26, detectives arrested a 35-year-old man from the municipality of Buren for computer intrusion at the Amsterdam football club Ajax. The man is suspected of intentionally and unlawfully entering Ajax’s computer systems multiple times ,” the police said. The investigation began after AFC Ajax discovered unauthorized access … More → Th

Full text archived locally
✦ AI Summary · Claude Sonnet


    Sinisa Markovic, Senior Staff Writer, Help Net Security May 28, 2026 Share Police arrest suspect in Ajax football club hack that exposed 300,000 fan records The Dutch National Police arrested a man suspected of hacking into the computer systems of AFC Ajax, a football club from Amsterdam. “On the morning of Tuesday, May 26, detectives arrested a 35-year-old man from the municipality of Buren for computer intrusion at the Amsterdam football club Ajax. The man is suspected of intentionally and unlawfully entering Ajax’s computer systems multiple times ,” the police said. The investigation began after AFC Ajax discovered unauthorized access to its computer systems earlier this year. Dutch police traced the intrusion to a suspect from the municipality of Buren and arrested him following the investigation. During the search, police seized various data carriers for further investigation. Ajax disclosed the intrusion on March 25, 2026, saying the attack exploited vulnerabilities in the club’s app and website, including exposed APIs and shared access keys. The suspected hacker first approached an RTL journalist and shared details about the vulnerabilities. The journalist later demonstrated that tickets could be transferred to other users and that stadium bans could be modified. According to RTL, the vulnerabilities exposed private data belonging to more than 300,000 registered Ajax fans and could have allowed attackers to steal or disable more than 42,000 season tickets. RTL also reported that the flaws exposed information on 538 supporters with active stadium bans. AFC Ajax has since patched the vulnerabilities exploited in the attack and reported the incident to Dutch police and the country’s data protection authority. More about breach cybercrime data breach EU law enforcement Share
    💬 Team Notes
    Article Info
    Source
    Help Net Security
    Category
    ◇ Industry News & Leadership
    Published
    May 28, 2026
    Archived
    May 28, 2026
    Full Text
    ✓ Saved locally
    Open Original ↗