Foreign ransomware criminals have struck again, this time targeting NASCAR with an alarming demand: prepare to shell out millions or face the consequences.
Demanding a staggering $4 million ransom, the Medusa gang claims to have stolen over one terabyte of sensitive data.
It is giving NASCAR just 10 days to pay up or have its information exposed to the world.
The Medusa ransomware gang recently announced its attack on NASCAR, adding the iconic American racing organization to its growing list of victims.
This foreign criminal group has already published 37 document images from NASCAR’s internal systems.
These include corporate branding materials, facility maps, and sensitive employee contact details, proving it has indeed breached NASCAR’s security systems.
NASCAR officials have remained silent about the breach, neither confirming nor denying the attack.
This marks another American business facing increasingly bold foreign cyber criminals who operate with apparent impunity.
The hackers have given NASCAR a 10-day deadline to pay the ransom or face public exposure of all stolen data, with options to extend the deadline for an additional $100,000 per day.
The compromised information reportedly includes operational and logistical data, raceway maps, staff credentials, sponsor information, and invoice scans.
Such data in the wrong hands could potentially disrupt America’s premier racing series and expose countless employees and partners to further targeting.
This is not the first time NASCAR has been targeted. In July 2016, the organization faced another ransomware attack involving a TeslaCrypt variant.
The repeated targeting of this iconic American institution highlights the ongoing vulnerability of national businesses and cultural organizations to foreign criminal elements.
The Medusa group has been actively attacking American interests since 2021.
It has targeted over 300 organizations across critical infrastructure sectors, including recent attacks on McFarland Commercial Insurance Services, Bridgebank Ltd, and Pulse Urgent Care.
Its aggressive tactics include using stolen digital certificates to disable anti-malware tools, showing a sophisticated level of technical capability.
Despite this warning from federal agencies, American businesses continue to fall victim to these attacks.
As NASCAR evaluates its options, American racing fans are left wondering how this breach might impact the sport they love.
Whether NASCAR pays the ransom to protect its data or stands firm against these digital extortionists remains to be seen.
