Following a spate of cyber attacks that have led to major security issues at some of the UK’s largest businesses this year, worrying new research has revealed that millions of Premier League fans are putting themselves at huge risk by using easy-to-hack football passwords.
The research from TipMan Tips uses compromised password data to reveal how many times passwords for several terms related to each of the 20 Premier League clubs have been exposed, and names the fanbases who are the most likely to be victims of hackers. The findings show that a whopping 3,680,221 passwords related to Premier League teams have been leaked in data breaches, proving fans put club loyalty ahead of online safety.
Liverpool fans are the most likely to fall foul of hackers, with 953,085 simple passwords related to the club included in data breaches. The most popular among fans is ‘liverpool’, which has been compromised 554,136 times.
In fact, fans of the champions account for 25.9 per cent of all passwords from fans across the Premier League that have been leaked in data breaches. Passwords including ‘liverpoolfc’, ‘liverpool1’, and ‘Liverpool1’ are also commonly used by fans of the Reds, and this leaves fans at huge risk online.
Here is a table for the 10 EPL teams most commonly used in online passwords:
|
Rank |
Premier League fanbase |
The most commonly used password by fans |
Total number of compromised club passwords |
|
1 |
Liverpool |
liverpool |
953,085 |
|
2 |
Chelsea |
chelsea |
699,249 |
|
3 |
Arsenal |
arsenal |
597,380 |
|
4 |
Manchester United |
manunited |
192,516 |
|
5 |
Everton |
everton |
181,316 |
|
6 |
Crystal Palace |
eagles |
168,544 |
|
7 |
Newcastle United |
newcastle |
135,909 |
|
8 |
Tottenham Hotspur |
tottenham |
127,910 |
|
9 |
West Ham United |
westham |
115,724 |
|
10 |
Wolverhampton Wanderers |
wolves |
100,831 |
Fans of Chelsea are the second-most at risk online. There are 699,249 passwords related to the Club World Cup champions that have been compromised by data breaches, with ‘chelsea’ and ‘chelsea1’ making up 589,000 of these.
In third, Arsenal fans are also likely to be hacked, as 597,380 common passwords that link the club have been compromised. The most popular used by fans were ‘arsenal’ and ‘gunners’, proving that nicknames are also overly used by supporters.
Manchester United fans are in fourth, as there have been 192,516 passwords included in data breaches. Data shows that ‘manunited’, ‘manchesterunited’, and ‘reddevils’ have been exposed in over 102,000 leaks.
Everton fans are in fifth, as data shows that simple passwords such as ‘everton1’ and ‘toffees’ have been leaked in 181,316 data breaches. Crystal Palace (168,544), Newcastle (135,909), Tottenham (127,910), West Ham (115,724), and Wolves (100,831) complete the top 10.
At the other end of the table, Brentford fans are the safest online, as fans have had their passwords leaked on just 11,572 occasions. Tipman Tips spoke with cybersecurity expert James Bore, of technology consultancy firm Bores, who explained why it’s important to make passwords more complex than a club's name, and discussed the dangers of using simple passwords online.
He said: “Criminals now know, beyond any doubt, how common these passwords are, and when people use the same password for multiple services, it makes them an easy target.
“Using something simple, memorable, and shared is tempting, but the problem is that it leaves you vulnerable. As an example, ‘liverpool’ is the 344th most common password - out of a list of 10 million common passwords.
“That means if your password is liverpool, and someone uses a dictionary attack, it will only take a few hundred attempts on average. ‘chelsea’ is high on the same list. The best recommendation at the moment is to use a few words, or even a sentence, that you can remember easily; picking something ridiculous can be a great option as it sticks in your mind better.
“Ultimately, what makes a password strong is its length, before anything else.”