In the world of cybercrime, no company, individual, or organization/promotion is safe. Threat actors will target anyone that deems beneficial to them – even 2K Games suffered a data breach a while ago. Now, none other than NBA has disclosed that it witnessed unauthorized access within a third-party’s systems.
The National Basketball Association sent notices to fans, informing them that a breach had taken place and their personal information might be at risk.
The leading basketball association is big in every word. A breach that exposes its fans’ data would definitely be worse than anyone can imagine. How did it happen? How many were impacted? Find out below.
Personal Information At Risk – NBA Warns Fans
When a data breach occurs, the first thing we think about is what the threat actors might do with the data. Of course, this depends on how crucial the information is.
If it’s basic data such as email addresses, it can go as far as phishing campaigns. A phishing attack is one of the most dangerous forms of malicious activity since no one can comprehend how impactful it would be.
Since NBA is a huge name in the industry, a breach that exposes its fans can cause a lot of damage. The promotion claims that the breach did not affect any of its systems, nor did it impact its fans’ credentials.
However, the threat actors behind it did harvest some of their personal information. NBA explained the incident in the following statement:
“We recently became aware that an unauthorized third party gained access to, and obtained a copy of, your name and email address, which was held by a third-party service provider that helps us communicate via email with fans who have shared this information with the NBA.
There is no indication that our systems, your username, password, or any other information you have shared with us have been impacted.”Source: Bleeping Computer
As we mentioned, the NBA’s system wasn’t the target. Cybercriminals infiltrated a third-party newsletter service the NBA works with to siphon the data.
From Swishing to Phishing
The NBA also advised its fans to stay vigilant as phishing attacks might occur in the near future. The data can allow the threat actors to practice this malicious activity.
“Given the nature of the information, there may be heightened risk of you receiving ‘phishing’ emails from email accounts appearing to be affiliated with the NBA, or of being targeted by other so-called ‘social engineering’ attacks (where an individual seeks to trick the target into sharing confidential information or otherwise taking actions contrary to his or her own interest.”
NBA is investigating the incidents with third-party firms. It did also mention that under no circumstance would it ask for credentials via email. So, be careful.
If you receive an email from NBA requesting some sort of login, make sure you ignore that and visit the official website manually.
The NBA Breach – They Shoot, They Score
When it comes to phishing emails, the entire process can be stopped instantly. How? All you have to do is ignore the link within the email.
Always make sure that the embedded links point to a trusted website. If you can avoid them, it would be perfect. Just visit the official website manually, and you’ll save yourself from falling into such a predicament.