Bologna Football Club 1909 confirmed it has been the victim of a ransomware attack, resulting in the theft and online publication of sensitive data by the RansomHub extortion group.
The club has cautioned the public against downloading or sharing the stolen data, emphasizing that doing so constitutes a "serious criminal offense."
In an official statement, Bologna FC said:
The attack was claimed by RansomHub, a notorious ransomware gang, on November 19, 2024. The group accused the club of failing to protect the confidential data of players and sponsors.
"In two days, we will publish all medical, personal, and confidential data of all players of the club," the group threatened.
Despite offering Bologna an extension to pay the ransom, RansomHub has now leaked the stolen dataset on the dark web.
According to the attackers, the leaked data includes:
Sponsorship contracts and sponsor details
Complete financial records of the club
Confidential personal data of players
Transfer strategies for young and new players
Medical records and data on young athletes
Employee and fan information
Stadium and infrastructure plans
Commercial strategies and business plans
The gang even attempted to use GDPR violations as leverage, warning that leaked documents could lead to substantial fines for the club.
Ransomware attacks on sports organizations are rare but not unprecedented. High-profile teams managing substantial funds have been targeted in the past, including:
A NoEscape ransomware attack on French basketball team ASVEL
A BlackCyte ransomware attack on the San Francisco 49ers
This incident underscores the growing threat landscape for sports organizations as lucrative targets for cybercriminals.
Bologna FC urges the public to report any instances of stolen data being shared online and to refrain from engaging with such material. This attack serves as a reminder of the importance of robust cybersecurity measures for organizations of all sizes and sectors.