Ransomware cyber

NASCAR

Jul 27, 2025 1 min read
NASCAR

NASCAR, the National Association for Stock Car Racing, experienced a data breach in March 2025 due to a cyberattack. The incident exposed the Social Security numbers of an unknown number of victims. The company identified the attack on April 3 and began an investigation, involving law enforcement and a cybersecurity firm. The breach notification letters were sent out to victims on July 24, offering one year of credit monitoring services. Medusa ransomware gang claimed responsibility, demanding a $4 million ransom and threatening to publish exfiltrated data if not paid by April 19.

Source: https://therecord.media/nascar-confirms-data-breach

TPRM report: https://www.rankiteo.com/company/nascar

"id": "nas553072725",
"linkid": "nascar",
"type": "Ransomware",
"date": "7/2025",
"severity": "100",
"impact": "",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'customers_affected': 'Unknown',
                        'industry': 'Auto Racing Sanctioning Body',
                        'location': 'Daytona Beach',
                        'name': 'NASCAR',
                        'type': 'Organization'}],
 'attack_vector': 'Cyberattack',
 'customer_advisories': 'Breach notification letters sent to victims on July '
                        '24, 2025',
 'data_breach': {'data_exfiltration': 'Yes',
                 'number_of_records_exposed': 'Unknown',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': 'Social Security Numbers'},
 'date_detected': '2025-04-03',
 'date_publicly_disclosed': '2025-07-24',
 'description': 'NASCAR warned customers of a data breach caused by a '
                'cyberattack in March, exposing the Social Security numbers of '
                'an unknown number of victims.',
 'impact': {'data_compromised': ['Social Security Numbers'],
            'identity_theft_risk': 'High'},
 'investigation_status': 'Ongoing',
 'motivation': 'Financial Gain',
 'ransomware': {'data_exfiltration': 'Yes',
                'ransom_demanded': '$4 million',
                'ransomware_strain': 'Medusa'},
 'regulatory_compliance': {'regulatory_notifications': 'Yes'},
 'response': {'communication_strategy': 'Breach notification letters sent to '
                                        'victims, one year of credit '
                                        'monitoring services provided',
              'incident_response_plan_activated': 'Yes',
              'law_enforcement_notified': 'Yes',
              'third_party_assistance': 'Yes'},
 'threat_actor': 'Medusa Ransomware Gang',
 'title': 'NASCAR Data Breach',
 'type': 'Data Breach'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.