Feb. 14 (UPI) — The San Francisco 49ers confirmed Sunday the team was targeted in a ransomware attack that caused a “temporary disruption” of its corporate IT network.
In a statement distributed to cybersecurity journals The Record and BleepingComputer, the 49ers said they “have no indication that this incident involves systems outside of our corporate network, such as those connected to Levi’s Stadium operations or ticket holders.”
“Upon learning of the incident, we immediately initiated an investigation and took steps to contain the incident,” they said, adding that “third-party cybersecurity firms were engaged to assist, and law enforcement was notified.”
The team did not identify the attackers in its statement, but its confirmation came shortly after the operators of the BlackByte ransomware gang claimed in a “dark web” posting they had victimized the 49ers and released an archive of files purported to be stolen 2020 invoices, the publications said.
In ransomware attacks, criminals employ malware that encrypts a victim’s information so they cannot access their files or databases, holding it until a ransom is paid.
The FBI says there have been significant increases not only in the number of ransomware variants, but also in the number of attacks and the amount of money demanded.
Between 2019 and December, the FBI says it opened investigations into 100 different types of ransomware variants while the number of individual attacks has grown well into the thousands and the number of ransomware payments has tripled.
The average total cost of recovery from a ransomware attack has more than doubled in a year, increasing from $761,000 in 2020 to $1.85 million last year, with the average ransom paid around $170,000, according to the cybersecurity firm Sophos.
In its annual survey, the firm found that only 8% of organizations managed to get back all of their data after paying a ransom, with 29% getting back no more than half of their data.