See what I did there? 😉 It’s a three-post day because I couldn’t resist that line covering this story about the San Francisco 49ers ransomware attack. Here’s what reportedly happened.

According to the AP (Ransomware gang says it has hacked 49ers football team, written by Alan Suderman), cyber criminals claim they stole financial data in the 49ers ransomware attack.

The ransomware gang BlackByte recently posted some of the purportedly stolen team documents on a dark web site in a file marked “2020 Invoices.” The gang did not make any of its ransom demands public or specify how much data it had stolen or encrypted.

The team, which is among the most valuable and storied franchises in the NFL and lost a close playoff game to the eventual Super Bowl champion Los Angeles Rams two weeks ago, said in a statement Sunday that it recently became aware of a “network security incident” that had disrupted some of its corporate IT network systems. The 49ers said they’d notified law enforcement and hired cybersecurity firms to assist.

“To date, we have no indication that this incident involves systems outside of our corporate network, such as those connected to Levi’s Stadium operations or ticket holders,” the team said in a statement, referencing its home stadium.

BlackByte is a ransomware-as-a-service group (yes, that’s a real thing). That means it’s decentralized, with independent operators developing the malware, hacking into organizations or filling other roles. It’s part of a trend of ransomware groups becoming increasing professionalized. A recent report by the FBI, NSA and others said that ransomware operators are even setting up an arbitration system to resolve payment disputes among themselves. Ransomware is big business these days.

The story has more information about the 49ers ransomware attack and general ransomware trends. Hat tip to Terry Kurzynski of Halock for the heads up on the story. I’ll have another ransomware story later this week (that’s known as a “teaser” in the blogging biz!).

Of course, I should make the obligatory joke here that you’re hearing about a 49ers ransomware attack because they have a good team (that almost made it to the Super Bowl) and actually have valuable data to steal – unlike my Houston Texans! 🙁 Just kidding…

So, what do you think?  Who will be the next victim of a ransomware attack? They happen almost every day now! Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by my employer, my partners or my clients. eDiscovery Today is made available solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Today should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.