Bologna FC confirms ransomware attack and data theft

Italian football club Bologna FC, one of the nation’s most storied teams, confirmed that it had been the target of a ransomware attack that compromised internal data. The club warned that the hackers could leak the stolen information online.

Bologna FC revealed the breach in a public statement, describing it as a significant criminal act against its security systems. “The crime resulted in the theft of company data which may appear online,” the statement read. “Please be warned that having such data or facilitating its publication or diffusion is a serious criminal offense.”

The announcement follows claims by the RansomHub ransomware gang, who stated they had stolen 200GB of data from the club. According to the group, the haul includes financial records, medical information about players, business plans, and confidential details about employees and customers. They have also alleged that the data may expose Bologna FC’s potential violations of European data protection laws and regulations set by FIFA and UEFA.

Bologna FC has yet to comment on the hackers’ claims or outline specific measures to address the breach. The club has yet to confirm whether it will negotiate with the attackers or whether law enforcement agencies are involved.

The incident highlights the increasing vulnerability of sports organizations to cyberattacks, particularly those involving ransomware. High-profile clubs and governing bodies have become lucrative targets for cybercriminals seeking financial gain or leverage through sensitive data.

In 2020, the U.K.’s National Cyber Security Centre (NCSC) reported a ransomware attack on a Premier League club that disrupted corporate systems and nearly caused a match cancellation. Similarly, cybercriminals have exploited business email compromises to steal millions during transfer negotiations, as seen in cases involving Premier League and Serie A clubs.