After being hit by a ransomware attack, NFL’s San Francisco 49ers are facing a lawsuit by the Oakland firm Cole & Van Note. The case was initiated on behalf of its clients impacted by the data breach. Consumer rights law firm Cole & Van Note announced its investigations of the San Francisco 49ers on September 6, 2022.
According to reports, the incident impacted the names, dates of birth and social security numbers of individuals whose data was stored in the corporate IT network of the 49ers.
What the lawsuit says
Cole & Van Note announced an investigation of the football team, 49ers, with regards to the data theft that took place after the BlackByte ransomware gang stole information from its corporate IT network. The cybercrime impacted the records of 20,930 individuals and took over six days between February 6 through 11 to take place.
The lawsuit filed in Santa Clara County Superior Court alleged the San Francisco 49ers of invasion of privacy, negligence, unfair business, and unjust enrichment. The law firm intends to create a more secure system for its clients with this legal action.
Investigations of the case
The cybersecurity firm investigating the case confirmed that the systems did face unauthorized access to specific files on its network. Moreover, the lawsuit notice against the San Francisco 49ers urged the impacted individuals notified about the data breach to discuss the case with the firm assuring compensation for their losses.
The ransomware attack
As per reports, ransomware gang BlackByte stole the football team’s data and posted it on the dark web marked as “2020 Invoices”. However, no ransom demand was made by the hackers. Following the incident, the San Francisco 49ers confirmed the cyberattack.
Notifying the victims
The San Francisco 49ers officials notified the impacted individuals through emails on September 1, 2022. The data breach victims were offered free identity theft protection services for one year.
Soon after the breach was detected, the San Francisco 49ers activated their incident response plan. They took the necessary steps to stop further unauthorized access to its corporate IT networks and hired a cybersecurity firm to investigate the hacking. Additional reviews were conducted to determine the individuals impacted by access to the compromised files.
What the initial investigation confirmed
The investigation was concluded on August 9, 2022. San Francisco 49ers notified law enforcement, who are taking steps to prevent similar attacks in its systems. The measures include training in handling similar cyber-attacks and offering enhanced security protocol tips.