The San Francisco 49ers have confirmed they were attacked by the BlackByte ransomware group hours before the Super Bowl.
The team claimed the network security incident that disrupted their company’s IT network had only recently been discovered, with information from the San Francisco 49ers surfacing on the ransomware group’s leaking site late Saturday night.
A San Francisco 49ers spokesperson explained that steps were taken immediately after the breach was discovered. Third-party cybersecurity vendors were hired to help with the investigation while law enforcement was notified.
“While the investigation is ongoing, we believe the incident is limited to our corporate IT network; to date, we have no indication that this incident involves systems outside of our corporate network, such as those connected to Levi’s Stadium operations or ticket holders. As the investigation continues, we are working diligently to restore involved systems as quickly and as safely as possible,” the spokesperson explained.
According to Emsisoft ransomware expert Brett Callow, Blackbyte is a Ransomware-as-a-service (RaaS) operation. He explained that attackers, who use it to carry out attacks, may be in the same country as the primary team.
For more information, read the original story in ZDNet.