Italian football club Bologna FC has fallen victim to a massive ransomware attack that has stolen 200GB of sensitive data, including financial records, player medical records and business plans.
Bologna FC, one of Italy’s oldest football clubs, has confirmed a ransomware attack that compromised the organization’s internal security systems. In a statement, the club reported on the possible leakage of stolen data to the Internet.
Hacking group RansomHub claimed responsibility for the attack, saying they stole 200GB of data. Among them are financial documentation, medical records of football players, confidential information of clients and employees, as well as business plans of the club. The attackers are threatening to publish the stolen material, accusing the club of breaching European data protection laws and FIFA and UEFA rules.
The incident became another example of increased attention of cybercriminals to the sports industry. Previously, hackers attacked football clubs in the Netherlands, Great Britain and Italy, causing millions in damages. For example, in 2018, attackers stole more than $1.75 million from an Italian Serie A club using an email compromise scheme.
Cyber attacks on sports organizations are becoming more and more common. In 2020, the UK’s National Cyber Security Center (NCSC) published a report highlighting various attacks on football clubs, including the compromise of turnstile systems and the theft of funds through fake transfers.
Sports organizations are often targeted due to the large volume of financial transactions and sensitive data circulating in their systems. Lack of proper cyber security measures only increases their vulnerability.
The incident underscores the importance of strengthening cybersecurity measures to protect sports organizations from financially motivated hackers. Football clubs need to invest in modern security systems to avoid such losses and ensure the trust of their partners and fans.