Jump to content
  • San Francisco 49ers: Blackbyte ransomware gang stole info of 20K people

    alf9872000

    • 394 views
    • 2 minutes
     Share


    • 394 views
    • 2 minutes

    NFL's San Francisco 49ers are mailing notification letters confirming a data breach affecting more than 20,000 individuals following a ransomware attack that hit its network earlier this year.

     

    The San Francisco Bay Area professional American football team confirmed that personal information (including names and Social Security numbers) belonging to 20,930 impacted individuals was accessed and/or stolen in the attack between February 6 and February 11, 2022.

     

    "The 49ers conducted a thorough review of these files to identify the individuals whose information was contained in the files, and additional research to locate and verify the addresses for these individuals," the team revealed in notification letters sent to affected individuals starting Thursday.

     

    "The 49ers completed this process on August 9, 2022, and discovered that the incident involved the name and Social Security number of seven Maine residents."

     

    At the time, the 49ers confirmed the incident in a statement to BleepingComputer, saying it caused a temporary disruption to portions of their IT network.

     

    While the football team did not reveal whether the attackers successfully deployed ransomware payloads, the statement said they are still restoring systems, indicating that the breached devices were also likely encrypted.

     

    "As the investigation continues, we are working diligently to restore involved systems as quickly and as safely as possible," the 49ers told BleepingComputer.

    Attack claimed by the Blackbyte ransomware gang

    The BlackByte gang claimed responsibility for the attack on February 12, right as the NFL was getting ready for Super Bowl 2022, by starting to leak files claimed were stolen from the 49ers' network.

    The ransomware group also leaked an archive containing 292 MB worth of files the gang said were invoices stolen from 49ers' compromised servers.

     

    blackbyte-data-leak-site.jpg
     BlackByte ransomware leaking the San Francisco 49ers' data (BleepingComputer)
     

    Although it is unknown how much data was stolen during the February attack, BlackByte is known for selling gigabytes of data from some of its previous victims.

     

    The BlackByte ransomware operation was launched in July 2021 when it started targeting corporate entities worldwide.

     

    "We notified law enforcement and are fully supporting their investigation," the 49ers added in the data breach notification letters. 

     

    "We are also taking steps to help prevent something like this from occurring again, including additional measures to further enhance our security protocols and continued education and training to our employees."

     

    Source: Bleeping Computer

    https://www.bleepingcomputer.com/news/security/san-francisco-49ers-blackbyte-ransomware-gang-stole-info-of-20k-people/


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...