NASCAR has confirmed it suffered a cyberattack and a data breach in April 2025 which saw personal information of racing fans allegedly stolen.
The organization filed data breach reports with attorneys general in multiple US states, describing what had happened, and how it responded, noting the attack started on March 31, 2025, and was spotted – and stopped – on April 3. During that period, the company said it secured its network, brought in third-party cybersecurity experts to analyze the incident, and notified the appropriate law enforcement.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Man jailed for trying to buy chemical weapon online able to kill ‘hundreds’ of people
April 7, 2021
A man has been jailed for trying to buy a chemical weapon online capable of killing “hundreds” of people. On Tuesday, the US Department of Justice (DoJ) announced that Jason William Siesser, a resident of Missouri, will spend 12 years behind bars in federal prison without the possibility of parole. The 46-year-old tried to buy two and ...
- Ransomware gang leaks data from Stanford, Maryland universities
April 3, 2021
Personal and financial information stolen from Stanford Medicine, University of Maryland Baltimore (UMB), and the University of California was leaked online by the Clop ransomware group. The threat actors obtained the documents after hacking the universities’ Accellion File Transfer Appliance (FTA) software used to share and store sensitive information. Data stolen in the attack targeting Stanford Medicine’s ...
- Exchange Server attacks: Run this Microsoft malware scanner now, CISA tells government agencies
April 1, 2021
The Cybersecurity and Infrastructure Security Agency (CISA) has instructed US government agencies with on-premise Exchange systems to run Microsoft malware scanners and report results by April 5. CISA issued supplementary direction to its “ED 21-02” directive; the new request applies to any federal agency that had an Exchange server connected directly or indirectly to the internet ...
- U.S. Special Operations Command Paid $500,000 to Secretive Location Data Firm
March 30, 2021
A section of U.S. Special Operations Command (SOCOM), a part of the military tasked with counterterrorism, counterinsurgency, and special reconnaissance, paid half a million dollars to a company that sells access to location data harvested from ordinary apps installed on peoples’ phones, Motherboard has learned. Specifically, SOCOM paid Anomaly 6, a secretive contractor run by ...
- Department of Homeland Security email accounts exposed in SolarWinds hack
March 30, 2021
Email accounts belonging to US Department of Homeland Security (DHS) officials may have been compromised during the SolarWinds attack by Russian threat actors. The Associated Press reports that unauthorized intrusions occurred during the SolarWinds supply-chain attack. SolarWinds, the central point of entry, was compromised by threat actors in December who were able to plant a malicious Orion ...
- EU, Japan, and the US Conducted Joint Cybersecurity Training
March 24, 2021
Early this month, the EU, Japan, and the US recently conducted a joint cybersecurity training program as part of a series of dialogues on digital policies held last February 2021. The dialogues led to an agreement to strengthen the countries’ partnership on issues like platform regulation and industrial research. The training program was developed over the ...