“NASCAR might be f—–.” Those are not words usually heard from anyone in the sport. But when NASCAR is held hostage to a $4 million demand, things get serious. If you’ve been following the controversy so far, the Medusa ransomware gang stole data from NASCAR and slapped a 10-day timer on it. And we’re talking sensitive information that includes employee data, invoices, sponsor details, and so much more.
That’s when veteran insider and podcaster Large uttered those words regarding a ransomware attack, they resonated with something far worse than a cybersecurity blip.
It’s very rare for ransomware attacks to bump into the brightly lit world of high-octane motorsports, and when they do, it translates into nothing but a crisis. As one insider stated bluntly, “They’ve got absolutely everything.”
Barstool Sports personalities Large and Spider talked about the news on their show. Large explained, “There’s some wild fucking headlines, including the one that Spider hit us with last night, sometime after midnight, with this Medusa ransomware hitting NASCAR and demanding a $4 million ransom. I don’t know this company, but apparently that’s what they do. They break into, go through your spyware, they grab the most personal stuff that they can from a company, then they just blatantly demand money for it. So this is like a blatant extortion case and apparently they’ve also got Bridge Bank, McFarlane, Pulse Urgent Care.”
Now this isn’t by any means a new tactic from Medusa. They’ve done this before. Medusa emerged back in 2021, targeting schools, hospitals, and telecom services. There have been over 300 victims across industries that have fallen prey to them. In the last few weeks, they stepped up their game, stealing digital certificates to get past malware tools. Last month, the FBI and CISA got involved, sending a warning to companies about staying careful.
John Riggi, AHA national advisor for cybersecurity and risk, explained, “This well-known foreign ransomware group has conducted high impact ransomware attacks against hospitals, resulting in disruption and delay to health care delivery and posing a risk to patient and community safety. They routinely engage in double extortion, where they demand an extortion payment to not publish stolen patient data and a payment for the decryption key to unlock encrypted data and systems. This gang exploits stolen credentials and known vulnerabilities. It is recommended that the actionable threat intelligence contained in the alert be ingested into network defenses. It is also recommended that organizations prioritize patching of known exploited vulnerabilities, segment networks and employ best practices for identity and access management.”
This is not an isolated case. Spider remarked on how Medusa issued that ultimatum in 2023 to Minneapolis Public Schools. In retaliation for not paying said $1 million ransom, they dumped sensitive data online. Large remarked, “They go in, open up your files, they release some stuff, enough so NASCAR knows that they have absolutely everything, and then say, give me $4 million or I’m going to release everything that you guys have ever done. This is fucking spooky, Spider, right? This is like espionage type stuff. I don’t even know how to, I don’t know anything about this, but NASCAR might be f——.”
While NASCAR has not put out an official statement, it will be a wake-up call for the organisation. This isn’t the first digital attack they’ve faced in recent times. Just a month ago, the official NASCAR X handle was hacked alongside the NBA account. At the time, there was a post on NASCAR’s profile that said it introduced ‘$NASCAR Token’, a cryptocurrency apparently built on Solana. Looking at the low quality of the press release attached to the post, some fans began questioning whether it was real or had NASCAR just been hacked.
As fans wait on an outcome on the hacking incident, let’s take a look at what the update is on the Michael Jordan and Co. versus NASCAR lawsuit.
Michael Jordan seeks out Roger Penske’s help against NASCAR
To prove that NASCAR operates as a monopoly has been one of the most difficult parts of 23XI and FRM’s campaign against NASCAR. It’s what they’ve based their entire argument against the governing body. And in that quest, they’ve reached out to a couple of sports. We’re talking NFL, NBA, NHL, and Formula 1 for internal data on revenue distribution. But they’ve had no luck so far.
NFL outright declined it, saying, “The Subpoena is based on the flimsiest of premises: that because Plaintiffs are suing NASCAR, they can obtain — by way of federal process — financials, financial projections, research, studies, analyses, and other highly confidential, proprietary, and commercially sensitive information belonging to almost every other major sports league in the United States.” After all, Jordan’s layer Kessler brought back free agency to NFL.
23XI hasn’t had any luck with Formula 1 owners Liberty Media either. With fading hope, they now look towards IndyCar for support. Owned by Roger Penske under the Penske Entertainment company, the open-wheeled series will be one of the last avenues to find some ground for the lawsuit to progress on.
However, for Jordan and Co., it’s also important to remember that Penske may or may not help. After all, neither Formula 1 nor NASCAR publicly reveals its revenue sharing formulas and data. Roger Penske might not be looking to go on NASCAR’s bad side by helping the Jordan faction out. Only time will tell how it all unfolds.
The post Veteran Insider Raises Alarms Over NASCAR’s Blatant Violation by Hacker Group Amidst Demands of $4 Million appeared first on EssentiallySports.