It seems that even the sport of kings is not immune to ransomware (opens in new tab)after the New York Racing Association (NYRA) reported an attack.
In a statement, the association said it discovered “suspicious network activity” in late June 2022 that showed the characteristics of a potential cyberattack.
It was quick to disconnect all affected systems and notify cybersecurity professionals and law enforcement. After several weeks of investigation, NYRA determined the damage was limited and unrelated to day-to-day racing. Customer betting activities, NYRA bets as well as NYRA TV have all remained safe.
Customer data safe
“As a result, there has been no disruption to NYRA’s core operations,” the association claimed.
It added that there is currently no evidence that sensitive customer data was compromised, but some NYRA employees and their beneficiaries had their sensitive data taken.
NYRA said it had notified all affected individuals and said attackers may have obtained social security numbers, driver’s license identification numbers, medical records and health insurance information, more than enough data to conduct an identity theft attack.
The notification also states that NYRA will provide affected employees and their beneficiaries with identity protection services through Experian for 24 months. Still, victims should consider a credit freeze or get frequent credit checks to ensure they spot suspicious activity, the association concluded.
Shortly after news of the ransomware attack broke, operators by the name of Hive claimed responsibility and listed the data stolen in the attack on their data leak site. The website now hosts a free-to-download ZIP archive allegedly containing all files stolen from NYRA’s network, which was supposed to mean that the association declined to pay ransom demands in exchange for the data.
Via: BleepingComputer (opens in new tab)
https://www.techradar.com/news/even-horse-racing-isnt-safe-from-ransomware-now Even horse racing isn’t safe from ransomware now