The RansomHub extortion group claimed responsibility for the attack on November 19, 2024, and accused Bologna FC’s management of failing to protect confidential data related to players and sponsors. Following their ultimatum, the group released the stolen data on the dark web after the club reportedly refused to pay the ransom.
The leaked data reportedly includes a wide array of sensitive information, such as sponsorship contracts, financial records, personal player details, transfer strategies, and even medical records. The attackers also disclosed business plans, stadium information, and confidential data about fans and employees. RansomHub attempted to pressure Bologna FC by citing examples of fines imposed on other organizations due to leaked documents, leveraging GDPR violations to intensify the impact of the breach.
Ransomware attacks on sports organizations are relatively rare but highlight the growing risk for entities managing substantial financial resources and sensitive data. This incident underscores the need for robust cybersecurity measures in the sports industry to prevent similar breaches and protect critical assets.
Source: Bleeping Computer
The European Cyber Intelligence Foundation is a nonprofit think tank specializing in intelligence and cybersecurity, offering consultancy services to government entities. To mitigate potential threats, it is important to implement additional cybersecurity measures with the help of a trusted partner like INFRA www.infrascan.net, or you can try yourself using check.website.