PL charge City for alleged breaches of financial rules

[Prestwich_Blue]

The first one was the unauthorised Liverpool access. Unauthorised access due to poor security procedures. Big wake-up call. The second was Pinto. A different kettle of fish, of course, But none of it reflects well on the efficiency of security management.

All imho, of course.

You're actually largely incorrect on this.

The Liverpool one involved the former City employees using an existing enployee's login credentials. I don't know how they got that password (although I'm sure City does) but I do know that the City employee involved was still there a few years later, and may still be. So he wasn't sacked, suggesting he wasn't actively involved in whatever happened. It still puzzles me why we didn't go to the police over this, as it was a clear criminal offence under the Computer Misuse Act.

My understanding of the Pinto hack is that it involved an phishing email designed to look like it came from UEFA, which was opened by a senior club official. You can warn people all you like and carry out regular phishing tests, but there's pretty well no way you can guarantee security if someone doesn't carefully check an email address every time before they open it or click on a link.

 

[Prestwich_Blue]

In this case someone left City, but their account was still there. Even worse, it was still active. A big nono. Therefore City should have had a better procedure for leaving users where all rights and roles are automatically revoked on the last day.

Wrong. See my post above.

 

[Gone for a Burton]

We all feel angry and most of us probably want some bloodcurdling revenge on Masters, the PL and the cartel. But media outlets would simply refuse any such statement and probably add an insulting interpretation of the award. The PL would probably refuse also and issue a pious statement about its responsibility for maintaining the integrity of the league and its competition when clubs may have breached the very necessary rules. The MSM, the PL and the cartel know a fair bit about non-cooperation.

There will be repercussions, revenge and celebrations.

The repercussions will be swift and public.

The revenge slow, cold and barely visible.

The celebrations long, loud and lional.

The Etihad then Deansgate !!

 

[chocovla]

So he wasn't sacked, suggesting he wasn't actively involved in whatever happened. It still puzzles me why we didn't go to the police over this, as it was a clear criminal offence under the Computer Misuse Act.

Which really baffles me. Therefore I think it was part of settlement. In my line of work it's normal operating procedure to always contact the local cybercrime units to report this sort of thing. Even attempted hacks are reported.

 

[Cityfan1977]

All I am saying is that there are very naive people in City from owners to fans if you think that strong PR is not needed to take this club forward and make it ti this super club they want it to be.
We have been very lucky to win so much and the moments Aquero, Gundo to promote us but we cant trust that we will be winning all the time, look at this season.

Alot if Liverpool fans went to the CL final without tickets and tried to go insite the statium , thats why the france police did what they did.
The PR macine for Liverpool went into overtime and today it was all on the france police and UEFA.

There are alot of Liverpool fans in Scandanavia, Ireland,UK even though they have only 1 PL title .
It is becouse of PR .

 

[chocovla]

Wrong. See my post above.

In this case it was still very bad security procedures. Makes you think how and where these credentials landed at Liverpool. And as alreay has been mentioned MFA should have been put in place, maybe ip-restrictions for logins, user alerting for abormal logins. Standard procedure in more security mature organizations.

 

[Gone for a Burton]

All I am saying is that there are very naive people in City from owners to fans if you think that strong PR is not needed to take this club forward and make it ti this super club they want it to be.
We have been very lucky to win so much and the moments Aquero, Gundo to promote us but we cant trust that we will be winning all the time, look at this season.

Alot if Liverpool fans went to the CL final without tickets and tried to go insite the statium , thats why the france police did what they did.
The PR macine for Liverpool went into overtime and today it was all on the france police and UEFA.

There are alot of Liverpool fans in Scandanavia, Ireland,UK even though they have only 1 PL title .
It is becouse of PR .

You missed the 's' out of 'bescouse' !!

 

[Damanino]

the years of finger pointing and calling us cheats cannot just go away in the mainstream media. I cannot see it all of a sudden going away even after great outcome from the panel.
media will ask for a new investigation. if no new investigation is started from PL it will be "we know why they dont want a new investigation, there is something to hide".

 

[Stoned Rose]

There will be repercussions, revenge and celebrations.

The repercussions will be swift and public.

The revenge slow, cold and barely visible.

The celebrations long, loud and lional.

The Etihad then Deansgate !!

Not having lional as a word, Burts.

 

[Cityfan1977]

You missed the 's' out of 'bescouse' !!

sorry if I offended you , we are not all from England here, I am from Iceland and didnt have time to check my spelling and grammer Oxford style.

 

[The Light Was Yellow Sir]

You're actually largely incorrect on this.

The Liverpool one involved the former City employees using an existing enployee's login credentials. I don't know how they got that password (although I'm sure City does) but I do know that the City employee involved was still there a few years later, and may still be. So he wasn't sacked, suggesting he wasn't actively involved in whatever happened. It still puzzles me why we didn't go to the police over this, as it was a clear criminal offence under the Computer Misuse Act.

My understanding of the Pinto hack is that it involved an phishing email designed to look like it came from UEFA, which was opened by a senior club official. You can warn people all you like and carry out regular phishing tests, but there's pretty well no way you can guarantee security if someone doesn't carefully check an email address every time before they open it or click on a link.

I often wonder if we didn’t go to the police in the mistaken belief, perhaps promulgated by the Scousers, that stuff like the ‘115’ wouldn’t be encouraged or supported by them?
Little did we know…..
I also wonder if our sometimes desperate desire to join the club contributed to a little naivety over a lot of this stuff.

 

[give it to gordon]

the years of finger pointing and calling us cheats cannot just go away in the mainstream media. I cannot see it all of a sudden going away even after great outcome from the panel.
media will ask for a new investigation. if no new investigation is started from PL it will be "we know why they dont want a new investigation, there is something to hide".

Yep so best ignore it or even agree with them lol that confuses them !

 

[hammocity]

Two young Asian girls on the golf range last night wearing City shirts, and lots of other young multi-ethnic lads round the place with City gear on.

Away from the bitter, envious and ignorant English media we get very fair & factual coverage.

The average international punter knows little or nothing about 115 cos its not reported front and centre.

They take us at face value....a great team !!

You're wrong about the "International Punter", I've posted we've encountered Ajax and Dortmund fans who told us we were "cheats", we straightened them up (in a non violent way) and educated them to the "truth".

 

[decmancity]

True but what if we are not winning everything all the time ? Success comes in waves no team can win all the time.

What has that got to do with anything related to this?

 

[failsworthblueboy]

All I am saying is that there are very naive people in City from owners to fans if you think that strong PR is not needed to take this club forward and make it ti this super club they want it to be.
We have been very lucky to win so much and the moments Aquero, Gundo to promote us but we cant trust that we will be winning all the time, look at this season.

Alot if Liverpool fans went to the CL final without tickets and tried to go insite the statium , thats why the france police did what they did.
The PR macine for Liverpool went into overtime and today it was all on the france police and UEFA.

There are alot of Liverpool fans in Scandanavia, Ireland,UK even though they have only 1 PL title .
It is becouse of PR .

Forgive me for being so naive, Football did not start in 1992, correct me if I'm wrong but: Liverpool will have 20 titles if they win the PL this year, they have 6 European cups and have won a lot of other titles and cups.
Liverpool the Rags the Arses have been so successful because they are the Pl darlings and the Pl was created to cement there positions at the top of the table and keep the perks that are handed to them, they don't really need PR.
I do except that in our position our PR is extremely important.

 

[decmancity]

You're wrong about the "International Punter", I've posted we've encountered Ajax and Dortmund fans who told us we were "cheats", we straightened them up (in a non violent way) and educated them to the "truth".

I have encountered lots that weren't interested and had no clue about it, they spent their time gushing over Rodri, KDB and Haaland.

2-1 to the "average international punter knows little or nothing about 115"

 

[Cityfan1977]

What has that got to do with anything related to this?

everything, we want to grow even if we are not winning everything like for the last 10 years.

 

[decmancity]

everything, we want to grow even if we are not winning everything like for the last 10 years.

City are growing faster than any other club has in the history of football, on and off the pitch.

We are signing international sponsorship season upon season, beating the "elite" to world class youth talents every summer and signing superstars like Haaland as well as having the current reigning balon d'or winner.

 

[Cityfan1977]

Forgive me for being so naive, Football did not start in 1992, correct me if I'm wrong but: Liverpool will have 20 titles if they win the PL this year, they have 6 European cups and have won a lot of other titles and cups.
Liverpool the Rags the Arses have been so successful because they are the Pl darlings and the Pl was created to cement there positions at the top of the table and keep the perks that are handed to them, they don't really need PR.
I do except that in our position our PR is extremely important.

you are not naive like you say in the end PR is very importent for City. However I dont agree with you that the red teams dont need PR they do and they use it .

 

[LeonardoDaVnci]

I thought they used an existing users password, if so what exactly is poor about the security procedures?
Other than user education on cyber security, fundamentally it's down to human ineptitude not lax security; you don't change everyone's passwords when one person leaves a company.

Edit: I do agree that we should have more than just password based access i.e. 2FA; but if an existing user's password was used the flaw is with that user

Password protection on its own is archaic. Any organisation serious about IT security will have VPNs all over, and every employee will have a physical token, bit like a USB stick. No token, no access, go home. Lose your token it gets disabled for ever, you have to beg IT for a replacement. When an employee leaves the company access via their token is auto disabled, the employee should hand it on last day, but even if they don't the token is disabled for ever. Also on the last day of employment all passwords should be disabled for ever. Allowing the dippers access to our scouting network after they left was just negligence by us.