The San Francisco 49ers were reportedly halted by a BlackByte ransomware attack, which disrupted the National Football League (NFL) team’s internal IT network on Superbowl Sunday, the Big Buffalo Wing-Snarfing Day.
BlackByte, a Ransomware-as-a-Service (RaaS) group that licenses its ransomware to associates in exchange for a portion of the ransom, claimed credit for the attack by disclosing files allegedly stolen in the cyberattack.
On Monday, the 49ers acknowledged the incident to Threatpost. They stated that they recently learned of a network security event that caused some services on their corporate IT network to be temporarily unavailable. They launched an investigation as soon as they learned of the occurrence and took action to contain it.
Given that BlackByte is a Ransomware-as-a-Service (RaaS), Joseph Carson, chief security scientist and advisory CISO at Privileged Access Management (PAM) solutions provider Delinea, told Threatpost that it’s more likely that an affiliate hacked the 49ers than the developers of the ransomware.