U.S. auto racing sanctioning firm NASCAR had its data claimed to have been stolen by the Medusa ransomware gang on its leak site, which also included purported attacks against California healthcare provider Pulse Urgent Care, California insurer McFarland Commercial Insurance Services, Canadian industrial tooling solutions provider FS Tool Corporation, and UK construction and civil engineering company Bridgebank Ltd, according to Hackread.
Information pilfered from NASCAR which was observed by Hackread to have included staff members' names, email addresses, and titles, credential-related details, and detailed raceway ground maps would be exposed should the company refuse to pay the $4 million ransom within 10 days, said Medusa on its blog. While it has yet to comment on Medusa's claims, NASCAR already had one of its major teams subjected to a major TeslaCrypt ransomware intrusion nearly nine years ago. Medusa's assertions also come weeks after organizations were urged by a joint FBI and Cybersecurity and Infrastructure Security Agency advisory to adopt multi-factor authentication and monitor improper certificate use to counter threats posed by the ransomware operation.
