Bologna FC confirms data breach after RansomHub ransomware attack
Bologna Football Club 1909 has confirmed it suffered a ransomware attack after its stolen data was leaked online by the RansomHub extortion group.
The Italian football team warns not to download or disseminate any of the stolen data, claiming it is a "serious criminal offense."
"Bologna FC 1909 S.p.a. would like to communicate that a ransomware cyber attack recently targeted its internal security systems," reads the short statement.
"The crime resulted in the theft of company data which may appear online."
"Please be warned that it is a serious criminal offense to be in possession of such data or facilitate its publication or diffusion."
RansomHub claims the attack
The attack was claimed by the RansomHub ransomware gang, currently the most prolific high-profile threat group in the space, on November 19, 2024.
"The club's management refused to protect the confidential data of players and sponsors," warned the cybercriminals at the time.
"Therefore, in 2 days, we will publish all medical, personal, and confidential data of all players of the club."
The threat actors gave Bologna an extension to pay a ransom to prevent the publication deadline. However, they have now published the complete stolen dataset on the dark web.
The ransomware gang claims that the leaked data includes:
- Sponsorship contracts and sponsor details
- Complete financial data of the club's history
- Personal and confidential player data
- Transfer strategies for new and young players
- Confidential data of fans and employees
- Data on young athletes
- Medical records
- Information on structures and stadiums
- Commercial strategies and business plans
Previously, the threat actors attempted to blackmail the Italian football team by listing examples of how leaked documents caused other teams to pay huge fines over various violations and used GDPR as leverage.
Ransomware attacks against sports teams aren't common, though some organizations, especially those at the highest level, manage large sums of money.
Previous examples include a NoEscape ransomware attack against the French basketball team ASVEL and a BlackCyte ransomware attack targeting the San Francisco 49ers NFL team.
New Windows Server 2012 zero-day gets free, unofficial patches
Russia arrests cybercriminal Wazawaka for ties with ransomware gangs
CVE-2025-22224 VMware ESXi and Workstation TOCTOU Race Condition Vulnerability
CVE-2025-2783 Google Chromium Mojo Sandbox Escape Vulnerability
CVE-2020-29574 CyberoamOS (CROS) SQL Injection Vulnerability
CVE-2022-43769 Hitachi Vantara Pentaho BA Server Special Element Injection Vulnerability
CVE-2022-43939 Hitachi Vantara Pentaho BA Server Authorization Bypass Vulnerability
CVE-2018-8639 Microsoft Windows Win32k Improper Resource Shutdown or Release Vulnerability
CVE-2024-40890 Zyxel DSL CPE OS Command Injection Vulnerability
CVE-2024-49035 Microsoft Partner Center Improper Access Control Vulnerability
CVE-2017-0148 Microsoft SMBv1 Server Remote Code Execution Vulnerability
InformationalInformation Disclosure - Suspicious Comments
InformationalRe-examine Cache-control Directives
Free online web security scanner
