• Bologna issued a short statement, confirming suffering a cyberattack
  • RansomHub assumes responsibility, says the club had virtually zero defenses
  • The group claims to have stolen financial, medical, and other data

Bologna FC, an Italian football club playing in the country’s elite rank, Serie A, suffered a devastating ransomware attack in which crooks stole a lot of sensitive information.

The club confirmed the news in a short statement published, in Italian, on its website.

“Bologna Football Club 1909 Spa announces that its security systems have recently been the subject of a ransomware cyber attack, on a cloud server and in the internal perimeter,” says a machine translation of the announcement.

"Bologna doesn't have any data protection"

“This criminal action has led to the theft of company data that could be subject to publication. Anyone who comes into possession of such data is therefore warned against disseminating or sharing or making any other use of such data as it comes from a crime," the statement continued.

While the club didn’t share many details about the incident, the attackers were quite vocal. According to The Register, the club was struck by RansomHub, an infamous ransomware player that emerged following the disappearance of ALPHV (BlackCat). The threat actor boasted about the attack on its data leak website, and shared a few screenshots to prove their claims.

"Bologna FC was hacked due to lack of security on their network. All confidential data has been stolen," RansomHub allegedly said on its website. "Bologna FC does not have any data protection on its network which is why absolutely all their data was stolen."

According to The Register, crooks have taken passport scans, contracts, and personal data for the club’s first-team players since 2017. They took the club’s financials, medical data, commercial strategies, and business plans. Furthermore, they stole a document that looks like the contract for the club’s manager, Vincenzo Italiano. Finally, they grabbed his tax ID code, and bank account number.

While all these claims should be taken with a grain of salt, if they turn out to be true, whoever ends up buying the data can use it for business email compromise attacks, phishing, identity theft, and possibly even wire fraud.

You might also like