Bologna FC 1909 Confirms Ransomware Attack After Sensitive Stolen Data Leaked Online

Italian football club, Bologna FC 1909 has recently confirmed falling victim to a ransomware attack. In a public statement, Bologna FC 1909 emphasized the severity of the incident and issued a stern warning against accessing or disseminating the stolen data:

"Bologna FC 1909 S.p.a. would like to communicate that a ransomware cyber attack recently targeted its internal security systems,” the short notice reads.” The crime resulted in the theft of company data which may appear online. Please be warned that it is a serious criminal offense to be in possession of such data or facilitate its publication or diffusion."

RansomHub's Threat and Data Leak

RansomHub, a highly prolific cybercriminal group claimed responsibility for the breach, leaking highly sensitive data exfiltrated during the attack on the dark web. RansomHub also accused the club's management of failing to protect sensitive information, stating:

"The club's management refused to protect the confidential data of players and sponsors. Therefore, in 2 days, we will publish all medical, personal, and confidential data of all players of the club."

Despite being offered an extension to negotiate payment, the Italian football club did not comply with the ransom demands, resulting in the full dataset being published on the dark web.

What Was Stolen?

The ransomware gang alleges that the leaked data includes a wide array of sensitive information. including:

• Sponsorship contracts and sponsor details
• The club’s complete financial history
• Personal and confidential data of players, fans, and employees
• Transfer strategies for young and new players
• Medical records of players
• Information on youth athletes
• Data on stadiums and facilities
• Commercial strategies and business plans

Such a breach exposes the club and its stakeholders, including sponsors, fans, and players, to significant risks of identity theft, fraud, and other forms of exploitation.

The attackers even attempted to leverage GDPR regulations to intensify their demands, suggesting that leaked documents could result in substantial fines for Bologna FC. This tactic has been used in previous ransomware incidents to pressure victims into compliance.

The potential repercussions of this attack are likely to be long-lasting. For affected parties, the exposure of sensitive information—ranging from financial data to medical records—can have far-reaching consequences. Bologna FC has urged caution and called on the public to refrain from interacting with the stolen data to avoid criminal implications.

Worried about your sensitive data ending up on the dark web?

To safeguard yourself from potential risks, consider using Bitdefender Digital Identity Protection.

With Bitdefender Digital Identity Protection, you can:

• Monitor your personal data across the web, including the dark web
• Receive alerts if your sensitive information is exposed in a data breach
• Take proactive steps to minimize risks and secure your online presence