AFC Ajax Reveals Data Breach Affecting Supporter Information

📌 AFC Ajax, a Dutch football club based in Amsterdam, disclosed a data breach where an unknown hacker accessed parts of its IT systems by exploiting vulnerabilities in the club’s app and website, including exposed APIs and shared access keys. The breach exposed email addresses of a few hundred individuals, while names, email addresses, and dates of birth were accessed for fewer than 20 people subject to stadium bans. The incident also raised concerns about potential tampering with season tickets and supporter ban records. No specific date for the breach was provided, nor were CVE IDs or technical exploit details mentioned. The club confirmed the unauthorized access but did not disclose further operational impacts.