NASCAR has confirmed it suffered a cyberattack and a data breach in April 2025 which saw personal information of racing fans allegedly stolen.
The organization filed data breach reports with attorneys general in multiple US states, describing what had happened, and how it responded, noting the attack started on March 31, 2025, and was spotted – and stopped – on April 3. During that period, the company said it secured its network, brought in third-party cybersecurity experts to analyze the incident, and notified the appropriate law enforcement.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Principles of operational technology cyber security
October 1, 2024
Critical infrastructure organisations provide vital services, including supplying clean water, energy, and transportation, to the public. These organisations rely on operational technology (OT) to control and manage the physical equipment and processes that provide these critical services. As such, the continuity of vital services relies on critical infrastructure organisations ensuring the cyber security and safety ...
- Iranian Cyber Actors Targeting Personal Accounts to Support Operations
September 27, 2024
The Federal Bureau of Investigation (FBI), U.S. Cyber Command – Cyber National Mission Force (CNMF), the Department of the Treasury (Treasury), and the United Kingdom’s National Cyber Security Centre (NCSC) are disseminating this joint Cybersecurity Advisory (CSA) to highlight continued malicious cyber activity by cyber actors working on behalf of the Iranian Government’s Islamic Revolutionary ...
- Kaspersky defends force-replacing its security software without users’ explicit consent
September 26, 2024
Earlier this week, some U.S. customers of Kaspersky’s antivirus were surprised to find out that the Russian-made software disappeared from their computers and had been replaced by a new antivirus called UltraAV, owned by American company Pango. The move was the result of the U.S. government’s unprecedented ban on Kaspersky, which prohibited the sale of any ...
- Storm-0501: Ransomware attacks expanding to hybrid cloud environments
September 26, 2024
Microsoft has observed the threat actor tracked as Storm-0501 launching a multi-staged attack where they compromised hybrid cloud environments and performed lateral movement from on-premises to cloud environment, leading to data exfiltration, credential theft, tampering, persistent backdoor access, and ransomware deployment. The said attack targeted multiple sectors in the United States, including government, manufacturing, transportation, and ...
- Ransomware Attackers Target Kansas Water Treatment Facility
September 24, 2024
On Sunday, a cyber attack on a water utility in Arkansas City, Kansas prompted its treatment facility to revert to manual operations. The city manager, Randy Frazer, confirmed that the water supply remains unaffected and safe, with no disruption to service reported. The plant’s manual operation is a precautionary measure to enhance security while the situation ...
- 4 more nations sign on to US-led counter-spyware agreement
September 23, 2024
Austria, Estonia, Lithuania and the Netherlands on Sunday joined a U.S.-led pact designed to deter global spyware abuses, marking 21 nations signing onto the agreement after the alliance began with 11 participants in March of last year. The add-ins were fleshed out on the sidelines of the United National General Assembly, a State Department release said. ...