Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

Talk about an own goal - Bologna FC hit by ransomware hackers

Security.

  • Bologna FC has confirmed suffering a cyberattack
  • RansomHub assumes responsibility, says the club had virtually zero defenses
  • The group claims to have stolen financial, medical, and other data

Top Serie A football club Bologna FC has suffered a devastating ransomware attack in which crooks stole a lot of sensitive information.

The club confirmed the news in a short statement published on its website, noting, "Bologna Football Club 1909 Spa announces that its security systems have recently been the subject of a ransomware cyber attack, on a cloud server and in the internal perimeter."

“This criminal action has led to the theft of company data that could be subject to publication. Anyone who comes into possession of such data is therefore warned against disseminating or sharing or making any other use of such data as it comes from a crime,"

"Bologna doesn't have any data protection"

While the club didn’t share many details about the incident, the attackers were quite vocal.

According to The Register, the club was struck by RansomHub, an infamous ransomware player that emerged following the disappearance of ALPHV (BlackCat). The threat actor boasted about the attack on its data leak website, and shared a few screenshots to prove their claims.

"Bologna FC was hacked due to lack of security on their network. All confidential data has been stolen," RansomHub allegedly said on its website. "Bologna FC does not have any data protection on its network which is why absolutely all their data was stolen."

The stolen information includes passport scans, contracts, and personal data for the club’s first-team players since 2017, as well as the club’s financials, medical data, commercial strategies, and business plans. Furthermore, the hackers stole a document appearing to be the contract for the club’s manager, Vincenzo Italiano, as well as his tax ID code, and bank account number.

While all these claims should be taken with a grain of salt, if they turn out to be true, whoever ends up buying the data can use it for business email compromise attacks, phishing, identity theft, and possibly even wire fraud.

You might also like

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.