The Indiana Pacers, a major franchise team in the NBA was hit by a data breach between October 15, 2018, and December 4, 2018. Pacers Sports & Entertainment (PSE), which also manages operations of the Bankers Life Fieldhouse arena, said that unauthorized access to several of its employee accounts had been gained by “unknown actors”. The news comes soon after the Pacers were knocked out of the first round of the NBA playoffs, losing to the Boston Celtics.
Company behind Indiana Pacers and Indiana Fever said hackers breached employee accounts, stole personal data. https://t.co/n8fVEC1vcP
— Stealthcare (@Stealthcare_) May 13, 2019
Experts Comments:
Jonathan Deveaux, Head of Enterprise Data Protection at comforte AG:
Companies to focus on trying to keep outsiders out, but they still find a way to get in. Shifting priorities in data security to focus on protecting the data on the inside may help minimize the data criminals steal. Organizations should look at data-centric security, which turns real credit card numbers to fakes, turns names to gibberish, and other sensitive data is de-identified. Then, it doesn’t matter how an attacker gets in, or who the company is; the data isn’t exploitable.”
Colin Bastable, CEO at Lucy Security:
It looks like the attack lasted 6 weeks, which is a lot of time to have hackers active in your email system. Perhaps it took this long to assess the full extent of the intrusion, or perhaps they still don’t know extensive it was. The costs of data breaches escalate significantly in line with delayed detection and remediation.
The Atlanta Hawks website hack demonstrates the danger of “convenience”: the vulnerability appears to have come from integrating a third party solution, perhaps an accounting app or a reporting tool. Adding more moving parts to IT infrastructure in this way has a multiplier effect on cyber-insecurity.”
Dan Tuchler, CMO at SecurityFirst: