Cybercriminals launched a multi-vector attack targeting fans and teams ahead of the 2025 Belgian Grand Prix. The campaign involved phishing emails, fraudulent ticket websites, and malicious streaming platforms, exploiting a security breach of the official Belgian Grand Prix email account. This breach enabled large-scale phishing operations, with attackers distributing deceptive emails promising discounted tickets and exclusive access. The threat actors registered multiple malicious domains to impersonate official Formula 1 and Spa-Francorchamps websites, harvesting personal and payment information, distributing malware, and spreading misinformation. The attack demonstrated sophisticated domain spoofing techniques and strategic infrastructure distribution across multiple registrars to evade detection.
Source: https://cybersecuritynews.com/threat-actors-attacking-fans-of-belgian-grand-prix/
TPRM report: https://www.rankiteo.com/company/spa-gp
{
  "id": "spa209080925",
  "linkid": "spa-gp",
  "type": "Breach",
  "date": "6/2025",
  "severity": "60",
  "impact": "3",
  "explanation": "Attack with significant impact with internal employee data leaks"
}
{'affected_entities': [{'customers_affected': 'Formula 1 fans and teams',
'industry': 'Sports/Entertainment',
'location': 'Spa-Francorchamps, Belgium',
'name': 'Belgian Grand Prix',
'type': 'Event'}],
'attack_vector': ['Phishing emails',
'Fraudulent ticket websites',
'Malicious streaming platforms',
'Counterfeit merchandise scams'],
'data_breach': {'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personal information',
'Payment information']},
'description': 'Cybercriminals have launched a sophisticated multi-vector '
'attack campaign targeting fans and teams ahead of the 2025 '
'Belgian Grand Prix, scheduled for July 27 at the iconic '
'Spa-Francorchamps circuit. The threat actors have deployed '
'tactics including phishing emails, fraudulent ticket '
'websites, malicious streaming platforms, and counterfeit '
'merchandise scams.',
'impact': {'brand_reputation_impact': 'High',
'data_compromised': ['Personal information', 'Payment information'],
'identity_theft_risk': 'High',
'payment_information_risk': 'High'},
'initial_access_broker': {'entry_point': 'Compromised official Belgian Grand '
'Prix email account',
'reconnaissance_period': 'Early 2024'},
'motivation': 'Financial gain, data theft',
'post_incident_analysis': {'root_causes': 'Compromised email account leading '
'to phishing and domain spoofing'},
'references': [{'source': 'CloudSEK'}],
'title': 'Sophisticated Multi-Vector Attack Campaign Targeting 2025 Belgian '
'Grand Prix',
'type': 'Multi-vector attack',
'vulnerability_exploited': 'Compromised official Belgian Grand Prix email '
'account'}