Bologna FC 1909 has confirmed that it was the victim of a ransomware attack, which resulted in a significant data breach. The attack, carried out by the notorious RansomHub ransomware group, occurred on November 19, 2024, and led to the theft of sensitive data from the Italian football club. The stolen information includes a wide range of confidential details, such as medical records of players, sponsorship contracts, financial data, and internal transfer strategies. The cybercriminal group claimed that Bologna FC’s refusal to protect confidential data led to the breach, threatening to publish the stolen information online.
Despite receiving an extension to pay the ransom, Bologna FC was unable to prevent the publication of the stolen data, which was eventually leaked on the dark web. The RansomHub group’s claims regarding the contents of the leak include personal player data, medical histories, commercial strategies, financial records, and more. These details could have serious ramifications for the club, its players, employees, and fans, as well as the integrity of the organization’s operations and security practices.
The ransomware group used tactics like GDPR violations to pressure the club into paying the ransom, citing examples of other sports organizations that faced hefty fines due to similar leaks. RansomHub’s ability to target sports teams highlights the growing trend of high-profile institutions, particularly in the sports industry, being targeted for their valuable data. While ransomware attacks on sports teams are relatively uncommon, those that have occurred have involved large sums of money and sensitive operational data, making them attractive targets for cybercriminal groups.
Bologna FC has since issued a stern warning to the public, stating that anyone found in possession of or sharing the leaked data could face serious criminal charges. The incident underscores the increasing importance of robust cybersecurity measures for sports organizations, which must protect both personal and business-critical information from increasingly sophisticated cyber threats. As the investigation continues, Bologna FC is working to mitigate the damage and enhance its security practices to prevent future breaches.
Reference:
