The world of motorsports has been rocked by reports that the National Association for Stock Car Auto Racing (NASCAR) has become the latest victim of a significant cyberattack. The Medusa ransomware gang has allegedly infiltrated NASCAR’s systems, demanding a $4 million ransom to prevent the release of sensitive internal data.
According to cybersecurity outlet Hackread, Medusa has listed NASCAR on its dark web leak site, claiming possession of confidential information. The group has reportedly posted 37 document images as proof, including corporate branding materials, facility maps, spreadsheets with employee contact details, and internal notes.
The leaked data is said to encompass detailed maps of raceway grounds, email addresses, staff names and titles, and credential-related information, indicating a compromise of operational and logistical data.
Medusa has given NASCAR a 10-day deadline to pay the ransom, threatening to release the stolen data publicly if their demands are not met.
As of now, NASCAR has not publicly acknowledged or denied the breach. The organization has yet to issue an official statement regarding the alleged cyberattack.
This incident underscores the growing threat of ransomware attacks across various industries. The FBI and Cybersecurity and Infrastructure Security Agency (CISA) have previously warned organizations about the tactics employed by groups like Medusa, emphasizing the importance of robust cybersecurity measures.
The situation remains fluid, and further developments are anticipated as more information becomes available.
