The New York Racing Association suffered a cyberattack last June, and the Hive ransomware group claimed to be the perpetrator. The ransomware attack has affected the racing association’s website availability and IT operations.
Moreover, the experts claimed that the most impactful part of the attack was that it compromised the data of every member of NYRA.
The NYRA is the organiser of the three most significant horse racing tracks in the state of Manhattan. These racecourses are Belmont Park, Aqueduct Racetrack, and Saratoga Racecourse.
According to the threat advisory disseminated to the affected members last month, the threat actors may have exfiltrated troves of data and member information such as health records, driver’s license ID numbers, and Social Security numbers.
Other researchers also claimed that the threat actors obtained health insurance information during their attacks against the association.
The racing association offered protection to those who were affected by the ransomware attack.
According to the data breach notification from NYRA, they could enroll in a 2-year identity protection service from a cybersecurity firm, covering all the costs for all affected members. Furthermore, the members who received the notification letters should place a credit freeze or review them properly to avoid conflicts.
The cybersecurity incidents have not affected the horse racing event’s flow since the researchers have not observed any changes in its scheduled races. However, NYRA’s website is still inaccessible, implying that the attack’s impact has not been mitigated entirely.
The Hive ransomware group has taken responsibility for the campaign against the racing association by listing NYRA as a victim on its extortion website.
To further prove their claim, the hackers published a free link for downloading a ZIP file containing all stolen files from NYRA’s system. Hence, it is safe to assume an existing negotiation process between the threat actors and the association.
Hive is one of the most active threat groups circulating today’s cybercriminal landscape. They have been claiming different attacks during these previous months. One of its latest attacks is against a clothing company that affected many individuals.
