The NFL’s San Francisco 49ers fell victim to a cyberattack on Saturday by the Blackbyte ransomware group, which claims to have stolen data from the organization.
The 49ers confirmed the attack in a media statement and said that it caused a temporary disruption to sectors of their IT network.
Although the 49ers did not confirm whether the hackers were successful, they said that they are still in the process of recovering systems while indicating that devices were likely encrypted.
“The San Francisco 49ers recently became aware of a network security incident that resulted in temporary disruption to certain systems on our corporate IT network,” the organization said in the media statement. “Upon learning of the incident, we immediately initiated an investigation and took steps to contain the incident.”
While the investigation is still ongoing, the 49ers said that they believe the attack was limited to their corporate IT network.
“As the investigation continues, we are working diligently to restore involved systems as quickly and as safely as possible,” the 49ers added.
The BlackByte ransomware gang claimed responsibility for the 49er’s attack on Saturday by beginning to leak files that they claimed were stolen files.
The leaked data is a 292MB archive of files that the hackers said were 2020 invoices stolen from the 49ers’ network. BlackByte usually releases its victims’ data in increasing amounts to pressure the victim into paying to retrieve the stolen data.
While it is unknown how much data has been stolen during the attack on the 49ers, BlackByte has stolen gigabytes of data from previous victims.
BlackByte Ransomware
The BlackByte ransomware operation launched in July when it began targeting corporate victims worldwide.
The FBI and Secret Service released a statement on Friday that warned that BlackByte had “compromised multiple US and foreign businesses” since November.
While the ransomware gang is not as quite active compared to others, they have still managed to conduct multiple successful attacks over the past few months. BlackByte is primarily known for using security vulnerabilities in order to gain initial access to a corporate network.