Argentina’s football federation just learned the hard way that winning on the pitch doesn’t mean you’re safe off it. The Argentine Football Association (AFA) confirmed on July 10 that hackers gained unauthorized access to one of its institutional email accounts and used it to blast out messages accusing match officials of corruption.
The breach came two days after Argentina’s dramatic 3-2 comeback victory over Egypt in the World Cup round of 16 on July 8. The unauthorized emails, reportedly sent from a legitimate AFA address, carried the subject line “SYSTEM HACKED: UNFAIR DECISION” and included accusations that Argentina “did not win” the match, along with what the AFA described as troubling threats.
What happened
On July 8, Argentina rallied from a 2-0 deficit to beat Egypt 3-2 in a World Cup knockout match. Egypt’s football federation subsequently filed a formal complaint with FIFA over the officiating of French referee François Letexier, setting the tone for what came next.
Somewhere between the final whistle and the AFA’s public statement two days later, hackers gained access to at least one of the organization’s institutional email accounts. Reports from Argentine and Uruguayan media suggest the intruders may have had access to parts of the AFA’s database, including sensitive information like email addresses and passwords.
The emails that went out accused referees of corrupt officiating, declared the result illegitimate, and included threats serious enough for the AFA to issue a formal advisory. The federation told recipients to exercise caution with any suspicious links or requests they may have received. The AFA was clear that none of these communications were authorized or generated by its official team.
The Egyptian connection
Evidence gathered so far points to hackers of Egyptian origin. Egypt’s federation was already furious about the officiating before anyone started breaking into email servers, and their formal FIFA complaint about Letexier’s refereeing decisions provided the backdrop. As of July 11, there were no reports of additional data leaks or ransomware demands. The absence of a ransom demand suggests this was ideologically driven, closer to hacktivism than financially motivated cybercrime.
Disclosure: This article was edited by Editorial Team. For more information on how we create and review content, see our Editorial Policy.

2 hours ago
18









English (US) ·