ArbiterSports, the company that provides sports related software to the National Collegiate Athletic Association has released an official statement on Monday this week stating that it thwarted a ransomware attack made on its database on July 15, 2020.
However, the sports agency led by Kyle Ford claims that the hackers still infiltrated the network stealing sensitive files related to ArbiterGame, ArbiterOne and ArbiterWorks- web software’s used by sports leagues represented by multiple schools across the United States.
As the stolen data from the backups was critical, as it includes info such as usernames, passwords, email ids, DoBs, social security numbers and addresses of more than 540,000 registered members- mostly referees, league members and school representatives; the sporting organization bowed down to the demands of the hackers and paid them a handsome amount to decrypt data.
Utah based ArbiterSports said in its statement that all the stolen data was encrypted, but the ransomware group that stole the data managed to somehow decrypt the data.
All the members of the sporting firm are being urged to change their passwords and will be offered a free one year membership of Experian Identity Works Credit 3B that will shield them from their information being misused on web without negatively impacting their credit score.
Keith Mukai, a programmer and a freelance security analyst, reacted to the news and stated that the ransomware attack on Arbiters took place as its staff failed to implement at least the basic security measures followed 2 decades back.
Mukai also added that there is no guaranty that the stolen information was never copied and will not haunt the future of ArbiterSports again.