NASCAR has confirmed it suffered a cyberattack and a data breach in April 2025 which saw personal information of racing fans allegedly stolen.
The organization filed data breach reports with attorneys general in multiple US states, describing what had happened, and how it responded, noting the attack started on March 31, 2025, and was spotted – and stopped – on April 3. During that period, the company said it secured its network, brought in third-party cybersecurity experts to analyze the incident, and notified the appropriate law enforcement.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Russian Intelligence Services Target Commercial Messaging Application Accounts
March 20, 2026
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are jointly issuing this public service announcement (PSA) to warn the public about ongoing phishing campaigns by cyber actors associated with the Russian Intelligence Services (RIS) targeting commercial messaging applications (CMAs). RIS actors have compromised individual CMA accounts, but not CMAs’ encryption ...
- Government of Iran Cyber Actors Deploy Telegram C2 to Push Malware to Identified Targets
March 20, 2026
The Federal Bureau of Investigation (FBI) is releasing this FLASH to disseminate information on malicious cyber activity conducted by actors on behalf of the Government of Iran Ministry of Intelligence and Security (MOIS). Specifically, MOIS cyber actors are responsible for using Telegram as a command-and-control (C2) infrastructure to push malware targeting Iranian dissidents, journalists opposed to ...
- Authorities disrupt world’s largest IoT DDoS botnets responsible for record breaking attacks targeting victims worldwide
March 19, 2026
ANCHORAGE, Alaska – The U.S. Justice Department participated in a court-authorized law enforcement operation today to disrupt Command and Control (C2) infrastructure used by the Aisuru, KimWolf, JackSkid and Mossad Internet of Things (IoT) botnets. The operation was conducted simultaneously to law enforcement actions conducted in Canada and Germany, which targeted individuals who operated these botnets. ...
- Unknown attackers exploit yet another critical SharePoint bug
March 19, 2026
Unknown baddies are abusing yet another critical Microsoft SharePoint bug to compromise victims’ SharePoint servers, the US government warned. CVE-2026-20963 is a critical deserialization flaw in SharePoint that allows unauthenticated attackers to remotely execute code on the server without any user interaction, and Redmond fixed the issue as part of its January Patch Tuesday. At the ...
- CISA urges companies to secure Microsoft Intune systems after hackers mass-wipe Stryker devices
March 19, 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned companies to secure systems for managing their fleets of employee devices after pro-Iran hackers broke into medical tech giant Stryker and mass-wiped thousands of its phones, tablets, and computers. The agency said on Thursday that it was urging companies to take action and confirmed it was ...
- Marquis says over 672,000 people had personal and financial data stolen in ransomware attack
March 18, 2026
Marquis, a technology company used by hundreds of banks to analyze and visualize their customers’ data, says hundreds of thousands of people had their personal and sensitive financial information stolen in a ransomware attack last year. The Plano, Texas-based fintech company is notifying at least 672,075 people that hackers stole their information during the August 2025 ...