A prominent ransomware gang known as Medusa claimed on Tuesday to have stolen sensitive information from auto-racing giant NASCAR.
In a post to their dark web blog, Medusa alleged to have in its possession more than one terabyte of data, demanding $4 million from the company.
A countdown timer indicates that NASCAR has 10 days to pay the ransom or risk having its data leaked to the public. Other options would permit the company to extend the deadline for $100,000 per day or allow anyone to download the data immediately upon paying the $4 million ransom.
A sample of the data presented by Medusa shows everything from internal documents containing names, phone numbers, and email addresses of employees and NASCAR sponsors to scans of invoices.
The Daily Dot attempted to reach NASCAR to inquire about the alleged ransom but did not receive a reply.
Since its founding in 2021, Medusa, according to a joint cybersecurity advisory published last month by CISA and the FBI, has infiltrated over 300 organizations, targeting a “variety of critical infrastructure sectors” that include companies in “medical, education, legal, insurance, technology, and manufacturing” fields.
Internet culture is chaotic—but we’ll break it down for you in one daily email. Sign up for the Daily Dot’s web_crawlr newsletter here. You’ll get the best (and worst) of the internet straight into your inbox.
