A major data leak involving football players and coaches comes just weeks before the 2026 FIFA World Cup. Here’s what happened, how it works, and why it matters to you.
Table of Contents
What Happened?
The leaked data includes records of more than 150,000 players and coaches.
Hackers posted the information on a cybercrime forum and shared samples to prove it is real.
This leak comes just weeks before the FIFA World Cup begins, which makes the situation more serious.
How Did the Attack Happen?
No technical details have been revealed about how the breach happened. Hackers say they accessed a full database of football player and coach records and then posted it online.
They uploaded the data to a hacker forum called PwnForums, where stolen information is often shared or sold.
The hacker said they may be connected to the group ShinyHunters, but this is not confirmed, so it’s still unclear who is behind the attack.
Who Is Affected — and What Data Was Leaked?
This leak affects players and coaches associated with the AFC and clubs like Al-Nassr. Some of the players are expected to take part in the 2026 World Cup.
But the impact is much wider. Because the AFC includes teams from many countries, the leaked data may belong to players and staff across Asia and beyond — not just one club or one country.
The leaked database contains very sensitive personal details, such as:
- Passport scans and passport numbers
- Full names and dates of birth
- Email addresses
- Player records and contract details
It also includes additional information like nationality, team, and match details.
Together, this creates a detailed profile of each person. That makes the data especially risky, since it can be used to create very convincing scam messages or identity-based attacks. The same tactics can be used on anyone, even if you have nothing to do with football.
The problem is that you may not notice anything right away. In many cases, stolen data gets reused weeks or even months later, when people are less aware.
That’s why it is important to check early and understand your risk.
If you’re wondering whether your data was leaked and used in scams, it’s better to find out today.
With Futureproof, you can quickly see if your data was leaked at any given time and get simple steps to secure your accounts. It’s a practical way to stay one step ahead of scams.
Why This Case Matters to You
This may sound like a sports story, but it’s not.
The leak involves real personal data that scammers can use for fraud, identity theft, and targeted scams.
This doesn’t just affect athletes. Scammers use the same tactics on regular people, especially during major events like the FIFA World Cup.
They use leaked data to send messages that look real, such as emails about match tickets, travel bookings, or limited-time World Cup offers.
This is similar to Super Bowl scam texts, where attackers send fake messages about tickets, deliveries, or payments during high-profile events.
Once your data, like your email or phone number, is out there, it can be shared or sold.
This often leads to more scam calls, texts, and fake alerts asking for your personal information or money.
Even small details can be enough to trick you.
The real risk isn’t just this leak — it’s how the data gets reused over time.
How to Protect Yourself After a Data Leak in 3 Steps
Here are 3 simple steps to stay safe:
- Be cautious with unexpected messages
If you receive an email or text about a payment, travel issue, or urgent request, don’t act on it immediately.
If something feels off, go directly to the company’s official website or call their support line to verify.
- Avoid clicking links in messages
Scammers often use links that lead to fake login pages designed to steal your data.
Instead of clicking the link, type the company’s website address into your browser or use their official app to check your account or message.
- Use strong passwords and two-step verification
Use a unique password for each important account, and enable two-step verification wherever possible. This adds an extra layer of protection, so even if your password is leaked, your account stays secure.
Start with your email account — it’s the most important one to secure. Your inbox is connected to your bank, shopping accounts, and more, meaning anyone who gains access to it can reset your passwords and take over everything else.
With Futureproof Email Protection, setting a strong password and enabling two-step verification for your account is easy. Step-by-step guidance walks you through the process, so your account and your data stay protected.
Your Account Protection Today Shapes Your Risk Tomorrow
A single leak may not affect you right away. But your data doesn’t stay in one place — it gets shared, sold, and combined with other leaks.
Scammers use those pieces to build your profile that includes your name, email, phone number, and even your habits. Then they send messages that feel real and personal.
To protect yourself and your data, stay cautious with unexpected messages, avoid clicking links, and secure your accounts with strong passwords and two-step verification.
Staying careful now can save you from costly mistakes later.
At Futureproof, Kevin explains digital safety in simple words, with clear tips and zero fluff. He holds a degree in information technology and studies fraud trends to keep his tips up-to-date.
In his free time, Kevin plays with his cat, enjoys board-game nights, and hunts for New York’s best cinnamon rolls.
