HQ/EMEAFind out how we can help your business
The notorious Medusa ransomware organisation has targeted NASCAR and demanded $4 million as ransom.
This cybercriminal organisation has added another big corporation to its growing list of victims. Earlier this week, the gang included the National Association for Stock Car Auto Racing on its dark web leak site.
Moreover, the group is currently demanding a ransom and threatening to expose the alleged internal data if the targeted entity does not comply with its demands.
The ransomware group has also claimed credit for the attacks on McFarland Commercial Insurance Services, Bridgebank Ltd, Pulse Urgent Care, and NASCAR.
The hackers have already leaked 37 NASCAR-related document photos as proof. An inspection of one of the blurred photos reveals a combination of business branding materials, facility maps, spreadsheets with personnel contact information, and what appear to be internal notes and photographs.
A short review of the released documents reveals that some content contains precise maps of racetrack grounds, email addresses, staff names and titles, and credential-related information, implying a genuine compromise of operational and logistical data.
NASCAR has yet to address the claims of the Medusa ransomware group.
It is worth noting that this coverage is purely based on Medusa ransomware claims; hence, NASCAR has yet to reply, confirm, or deny it.
However, it would not be surprising if the company confirmed the breach; the organisation earns hundreds of millions of dollars in revenue yearly, making it an appealing target for thieves.
This case is not the first time the entity has been tied to a ransomware incident. In July 2016, one of the teams that participated in its events had a massive ransomware attack after its chief’s computer was compromised with a TeslaCrypt variant. The attackers encrypted the system’s files and demanded Bitcoin as payment.
The Medusa ransomware group was first identified in the wild in 2021, but its activity has increased recently. One of its more well-known attacks was against the Minneapolis Public Schools district in 2023 when the organisation published sensitive student and employee data after a $1 million ransom demand went unmet.
The group had also attacked hospitals, telecom companies, and municipalities, frequently dumping massive amounts of internal data when ransoms were unpaid.
