American Golf Corporation, a well-known and established entity in the golf industry in the United States, has recently found itself in the crosshairs of a cyberattack orchestrated by the notorious MEDUSA ransomware group. This criminal act has resulted in the theft of a substantial amount of sensitive data, amounting to 154.9 GB, which includes a plethora of crucial information such as email correspondence, members’ data, orders, full access account credentials, reports, licenses, passports, and financial data.
The American Golf Corporation, with an extensive history spanning over 50 years and involvement with more than 325 golf courses for various entities, currently manages over 70 facilities across the United States. The MEDUSA group, known for its malicious activities, has boldly shared details of the data breach on its dark web channel, the “MEDUSA BLOG,” along with a countdown timer adding a sense of urgency and pressure to the situation.
In a bold move, the cyber criminals behind the attack have set a ticking clock with a deadline of 8 days for the corporation to comply with their demands. The ransom amount demanded stands at a staggering $2,000,000, with an additional increase of $100,000 per day for every day that the payment is delayed. Furthermore, the hackers have offered an alternative option of deleting all the exfiltrated data for the same ransom amount.
In response to this heinous act, the American Golf Corporation has chosen to remain tight-lipped, refraining from issuing an official statement or response regarding the breach. Despite attempts by organizations like The Cyber Express to gather insights and information from the corporation, no substantial details have been provided at the time of reporting.
This cyberattack on American Golf Corporation draws parallels to previous incidents within the golfing industry. In 2018, the Professional Golfer’s Association (PGA) of America fell victim to a ransomware attack, locking files associated with prestigious events like the PGA Championship and Ryder Cup. Similarly, Callaway, a prominent golf club maker, reported a data breach last year affecting over a million individuals, with compromised information ranging from account passwords to personal details.
The MEDUSA ransomware group has been on an alarming rise in recent times, intensifying its attacks across various sectors and countries. The harrowing incident involving the Harry Perkins Institute in Australia and the AJE Group in Peru sheds light on the brazen tactics employed by these cyber criminals, demanding hefty ransoms in exchange for stolen data.
Operating as a Ransomware-as-a-Service (RaaS) platform, MEDUSA provides the necessary tools and infrastructure for cyber criminals to execute sophisticated attacks. By leveraging public exposure and coercion tactics, the threat actors instill fear and pressure organizations into complying with their exorbitant demands.
As the situation unfolds, the authenticity of the ransomware attack on American Golf Corporation remains a point of contention. The potential ramifications of this breach are grave, underscoring the importance of cybersecurity measures in safeguarding sensitive data. The Cyber Express will continue to monitor this evolving scenario and provide updates as more information surfaces.
It is imperative for organizations to fortify their defenses against such cyber threats and adopt robust security protocols to mitigate the risk of falling prey to nefarious actors in the digital realm. The evolving landscape of cybercrime necessitates proactive measures to ensure data protection and uphold the integrity of businesses in an increasingly interconnected world.