"San Francisco 49ers Hit by Ransomware"

Cybercriminals have attacked the San Francisco 49ers with ransomware.  Confirmation of the attack came after the 49ers were listed on a dark web leak site as a victim of ransomware-as-a-service (RaaS), BlackByte.  The attack might have been carried out by the ransomware creators or by an affiliate accessing the malware in return for a share of any illegal proceeds gained through its use.  A security researcher at Emsisoft stated that BlackByte is a RaaS that launched in the middle of last year and, like multiple other ransomware families, it is coded to avoid encrypting systems that use the languages of Russia or other post-Soviet countries.  The cybercriminals behind the ransomware attack claim to have stolen some of the San Francisco team's financial data, including invoices from 2020.  The 49ers, in a statement, said that it had suffered a "network security incident" that had temporarily disrupted its corporate network.  The team also noted that to date, they have no indication that this incident involves systems outside of their corporate network, such as those connected to Levi's Stadium operations or ticket holders.  As of November 2021, BlackByte ransomware had compromised multiple U.S. and foreign businesses, including entities in at least three U.S. critical infrastructure sectors (government facilities, financial, and food & agriculture). 

Infosecurity reports: "San Francisco 49ers Hit by Ransomware"