San Francisco 49ers reportedly hit by ransomware attack

NFL team falls victim to ransomware-as-a-service group BlackByte

Deborah Yao

February 17, 2022

2 Min Read

The storied football team San Francisco 49ers became the latest organization to fall victim to a ransomware attack.

According to the AP, ransomware hacker BlackByte claimed to have stolen financial data from the NFL team and posted it on the dark web under a file called “2020 Invoices.” It was not disclosed what the gang demanded in ransom or how much data was stolen or encrypted.

The team said in a statement to the AP that it recently became aware of a “network security incident” that disrupted some of its corporate IT systems. The 49ers said they reported the incident to authorities and hired cybersecurity firms.

“To date, we have no indication that this incident involves systems outside of our corporate network, such as those connected to Levi’s Stadium operations or ticket holders,” the team said. Levi’s Stadium is its home stadium.

Days earlier, the FBI and the U.S. Secret Service had issued a warning against BlackByte ransomware. As of November 2021, hackers had compromised several U.S. and foreign businesses, including units in at least three critical infrastructure sectors -- government facilities, financial and food and agriculture.

The AP said BlackByte is a ransomware-as-a-service group with a decentralized group of independent operators developing the malware. Ransomware gangs are becoming more professional, even setting up arbitration processes to resolve disputes among themselves.

In a ransomware attack, hackers lock access to a victim’s data through encryption and demand compensation to release the information. Last year’s major attacks include JBS, the world’s largest meat processing company, and Colonial Pipeline, the largest fuel pipeline in the U.S.

In 2021, there were ransomware attacks on 14 of 16 U.S. critical infrastructure sectors, according to a report this month by the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA).

 

About the Authors

Deborah Yao

Editor, AI Business

Get the newsletter
From automation advancements to policy announcements, stay ahead of the curve with the bi-weekly AI Business newsletter.