Italian football club Bologna FC confirmed that they were targeted in a cyberattack using extortion software, resulting in stolen data being published online by the Ransomhub group.
The club stated that the attack was focused on their internal security systems, leading to the theft of data that could potentially be made public. They warned that possessing, promoting, or sharing this data is a serious criminal offense.
The Ransomhub group claimed responsibility for the attack, stating that the club had failed to protect the confidential data of players and sponsors. They threatened to release the stolen information if their demands were not met, accusing the club of betrayal.
Despite being given additional time to pay the ransom, the hackers claimed that the data had already been posted on the darknet. They announced that the stolen information amounted to 200 GB and included contracts, financial records, personal data of players, transfer strategies, fan and employee information, medical records, and commercial strategies.
In an attempt to intensify pressure on the club, the criminals referenced previous instances where the publication of such data resulted in hefty fines for violating GDPR regulations.
Prior to targeting Bologna FC, the Ransomhub group had hacked the official website of the Federal Government of Mexico “GOB.MX” and extracted 313 GB of data. The stolen information reportedly included contracts, insurance documents, financial reports, and confidential files. The government was given a deadline to pay the ransom, or else face the publication of the data.
Researchers have noted that despite being a recent entity, Ransomhub has quickly emerged as one of the most active extortion groups, targeting both companies and governmental institutions.