Bologna FC confirms data breach after RansomHub ransomware attack

Bologna Football Club 1909 has confirmed it suffered a ransomware attack after its stolen data was leaked online by the RansomHub extortion group.

The Italian football team warns not to download or disseminate any of the stolen data, claiming it is a "serious criminal offense."

"Bologna FC 1909 S.p.a. would like to communicate that a ransomware cyber attack recently targeted its internal security systems," reads the short statement.

"The crime resulted in the theft of company data which may appear online."

"Please be warned that it is a serious criminal offense to be in possession of such data or facilitate its publication or diffusion."

RansomHub claims the attack

The attack was claimed by the RansomHub ransomware gang, currently the most prolific high-profile threat group in the space, on November 19, 2024.

"The club's management refused to protect the confidential data of players and sponsors," warned the cybercriminals at the time.

"Therefore, in 2 days, we will publish all medical, personal, and confidential data of all players of the club."

The threat actors gave Bologna an extension to pay a ransom to prevent the publication deadline. However, they have now published the complete stolen dataset on the dark web.

The ransomware gang claims that the leaked data includes:

• Sponsorship contracts and sponsor details
• Complete financial data of the club's history
• Personal and confidential player data
• Transfer strategies for new and young players
• Confidential data of fans and employees
• Data on young athletes
• Medical records
• Information on structures and stadiums
• Commercial strategies and business plans

Previously, the threat actors attempted to blackmail the Italian football team by listing examples of how leaked documents caused other teams to pay huge fines over various violations and used GDPR as leverage.

Ransomware attacks against sports teams aren't common, though some organizations, especially those at the highest level, manage large sums of money.

Previous examples include a NoEscape ransomware attack against the French basketball team ASVEL and a BlackCyte ransomware attack targeting the San Francisco 49ers NFL team.