Hive Ransomware Attacks NYRA Bets

The Hive ransomware group has claimed responsibility for an attack on the New York Racing Association (NYRA), which operates the three largest thoroughbred horse racing tracks in New York: Aqueduct Racetrack, Belmont Park, and Saratoga Race Course. The attack occurred on June 30, 2022, and led to the leak of sensitive information from employees and their beneficiaries.

NYRA, which had a revenue of over $226 million last year and employs nearly 800 people, discovered "suspicious network activity that had the markings of a potential cyberattack" and immediately suspended the connectivity of all affected systems, notified the relevant law enforcement and regulatory authorities, and mobilized cybersecurity professionals to investigate the nature and scope of the attack.

The hackers gained access to files containing personally identifiable information of a group of NYRA employees and their beneficiaries, but the damage to the NYRA network did not interrupt day-to-day racing operations, customer wagering activity, NYRA Bets, or NYRA television.

Hive's Growing Threat

Hive, which first appeared in June 2021, has become one of the most active ransomware groups, registering more than 150 attacks between August 2021 and January 2022. The group has been implicated in attacks on critical infrastructure, healthcare organizations, and more.

The attack on NYRA Bets is part of a broader trend of ransomware attacks on various industries, including critical infrastructure, healthcare, and telecommunications. Organizations must remain vigilant and implement robust cybersecurity measures to protect against such threats.

Sources

• BleepingComputer: Hive ransomware claims attack on New York Racing Association
• The Record: Cyberattack on New York Racing Association leaked personal info of employees