Cyber Incident Victim: Everton Football Club

On January 31, 2020, during the Premier League’s transfer deadline day, Everton Football Club’s official Twitter account (@efc_fanservices) posted an unauthorized announcement claiming the club had agreed to sign Brazilian player Everton Soares from Grêmio. The tweet stated the player would remain with the Brazilian club until the end of the season and included the hashtag #welcomeeverton. This post aligned with widespread media speculation about a potential transfer involving the player, who had been linked to Everton in prior reports. The message was deleted minutes after publication. Everton Football Club attributed the incident to a compromised Twitter account, characterizing it as a security breach rather than an internal error. No evidence of malicious follow-up activity—such as offensive content, fraudulent links, or data theft—was reported in connection with the unauthorized post.

The incident caused immediate confusion among supporters, as the deletion of the tweet contradicted its initial announcement. Club officials did not disclose technical details regarding the alleged compromise, such as the method of account access or whether other systems were affected. Public statements framed the incident as a resolved breach, emphasizing that the transfer announcement was false. Media scrutiny arose due to the plausibility of the tweet’s content, given existing transfer rumors and a subsequent interview where Everton Soares confirmed discussions with Everton’s coach about a potential move. The club committed to investigating the breach to identify security weaknesses, though no findings or corrective measures were publicly detailed. The false announcement had no lasting operational impact on team operations or the transfer window, which closed without Everton Soares joining the club.