
Cyber Incident Victim: Real Sociedad

Date: Oct 2023

Location: Spain

Summary

A football club based in San Sebastián experienced a cybersecurity incident compromising servers containing personal data of subscribers, shareholders, and supporters. The breach exposed names, identity card numbers, email and postal addresses, telephone numbers, and—for subscription holders—bank account details used for direct debit payments. While financial losses were deemed unlikely due to limited exposed banking information, the organization implemented technical and organizational measures to resolve the incident and maintain system functionality. Authorities including the Data Protection Agency were notified, with stakeholders advised to exercise caution regarding suspicious electronic communications.


Description

On October 17, 2023, Real Sociedad, a football club based in San Sebastián, Spain, detected a cyberattack targeting its IT services. The breach compromised multiple servers storing identification and contact data for subscribers, shareholders, RS Fan members, and RS Laguna supporters. Attackers accessed personal information including full names, national identity card numbers, email addresses, physical mailing addresses, and telephone numbers. For subscribers, the intrusion additionally exposed bank account numbers used for processing membership fee direct debits. The club confirmed the incident involved unauthorized access to internal systems but did not specify the exact attack vector or perpetrator group. No operational disruptions to matches or stadium functions were reported, though the breach directly impacted data security for an unspecified number of individuals associated with the club.

Real Sociedad implemented technical and organizational measures to contain the incident, ensuring continued functionality of critical systems. The club notified Spain’s Data Protection Agency and other relevant authorities while initiating an internal response protocol. Affected parties received email communications advising vigilance against suspicious electronic messages and fraudulent attempts to exploit the leaked data. The club emphasized that compromised banking details were limited to account numbers for automated membership payments, asserting this exposure would not enable unauthorized withdrawals or direct financial losses. Forensic investigations proceeded with law enforcement involvement, though no recovery timeline or data decryption status was disclosed. No ransomware demands or explicit threats of data publication were mentioned in available reports as of the incident disclosure date.
