logo

Bologna FC confirms data breach after RansomHub ransomware attack

RansomwareData Breach

Football

Bologna Football Club 1909 has confirmed it suffered a ransomware attack after its stolen data was leaked online by the RansomHub extortion group.

The Italian football team warns not to download or disseminate any of the stolen data, claiming it is a "serious criminal offense."

"Bologna FC 1909 S.p.a. would like to communicate that a ransomware cyber attack recently targeted its internal security systems," reads the short statement.

"The crime resulted in the theft of company data which may appear online."

"Please be warned that it is a serious criminal offense to be in possession of such data or facilitate its publication or diffusion."

RansomHub claims the attack

The attack was claimed by the RansomHub ransomware gang, currently the most prolific high-profile threat group in the space, on November 19, 2024.

"The club's management refused to protect the confidential data of players and sponsors," warned the cybercriminals at the time.

"Therefore, in 2 days, we will publish all medical, personal, and confidential data of all players of the club."

RansomHub
Source: BleepingComputer

The threat actors gave Bologna an extension to pay a ransom to prevent the publication deadline. However, they have now published the complete stolen dataset on the dark web.

The ransomware gang claims that the leaked data includes:

  • Sponsorship contracts and sponsor details
  • Complete financial data of the club's history
  • Personal and confidential player data
  • Transfer strategies for new and young players
  • Confidential data of fans and employees
  • Data on young athletes
  • Medical records
  • Information on structures and stadiums
  • Commercial strategies and business plans

Previously, the threat actors attempted to blackmail the Italian football team by listing examples of how leaked documents caused other teams to pay huge fines over various violations and used GDPR as leverage.

Ransomware attacks against sports teams aren't common, though some organizations, especially those at the highest level, manage large sums of money.

Previous examples include a NoEscape ransomware attack against the French basketball team ASVEL and a BlackCyte ransomware attack targeting the San Francisco 49ers NFL team.

New Windows Server 2012 zero-day gets free, unofficial patches

Russia arrests cybercriminal Wazawaka for ties with ransomware gangs

Free online web security scanner

Top News:

Ivanti Flaw CVE-2025-0282 Actively Exploited, Impacts Connect Secure and Policy Secure

Ivanti Flaw CVE-2025-0282 Actively Exploited, Impacts Connect Secure and Policy Secure

 January 9, 2025
New AI Jailbreak Method 'Bad Likert Judge' Boosts Attack Success Rates by Over 60%

New AI Jailbreak Method 'Bad Likert Judge' Boosts Attack Success Rates by Over 60%

 January 3, 2025
Thousands of BeyondTrust Systems Remain Exposed

Thousands of BeyondTrust Systems Remain Exposed

 January 4, 2025
PLAYFULGHOST Delivered via Phishing and SEO Poisoning in Trojanized VPN Apps

PLAYFULGHOST Delivered via Phishing and SEO Poisoning in Trojanized VPN Apps

 January 4, 2025
Cryptocurrency wallet drainers stole $494 million in 2024

Cryptocurrency wallet drainers stole $494 million in 2024

 January 5, 2025
Ivanti warns of new Connect Secure flaw used in zero-day attacks

Ivanti warns of new Connect Secure flaw used in zero-day attacks

 January 9, 2025