Owing to a ransomware attack that impacted its network earlier this year, the NFL’s San Francisco 49ers are distributing warning letters to all affected individuals, revealing a data breach impacting more than 20,000 of them.
A week prior to Super Bowl Sunday, the BlackByte ransomware group targeted the team’s networks, sparking concerns about what would have transpired had the club retained its late-game lead two weeks earlier to win the championship game.
Personal information belonging to 20,930 people was accessed and taken during the hack between February 6 and February 11, 2022, according to the San Francisco Bay Area professional American football team.
On Monday, the company announced that an investigation had been updated and that the theft had taken six days. Also, it stated it has begun sending letters of notification to people whose data may have been exposed. The group said that it “conducted a thorough assessment of these data to discover the individuals whose data was stored within, and additional research to locate and validate the addresses for these people.”
A total of 20,930 names and related Social Security numbers were acquired during the incident, the business further stated in its notification to the Maine Attorney General’s Office, where it is allowed by law to report data breaches.
In order to take credit for the hack, the BlackByte gang began leaking files purportedly taken from the 49ers’ network on February 12, just as the NFL was preparing for the Super Bowl 2022.
The ransomware organization released an archive with 292 MB worth of files it claimed were invoices taken from the 49ers’ infected systems.
The group first surfaced in September 2021, according to experts, with ransomware that was poorly coded. A flaw was uncovered in it, and the cybersecurity company Trustwave exploited it to produce a free decryptor.
However, the organization was able to carry out many attacks after creating a second edition of the ransomware that fixed the Trustwave’s flaws. Only one day after the 49ers attack became widely known, the FBI issued a security notice regarding BlackByte.
Read the full article here