“NASCAR might be f—–.” Those are not words usually heard from anyone in the sport. But when NASCAR is held hostage to a $4 million demand, things get serious. If you’ve been following the controversy so far, the Medusa ransomware gang stole data from NASCAR and slapped a 10-day timer on it. And we’re talking sensitive information that includes employee data, invoices, sponsor details, and so much more.

That’s when veteran insider and podcaster Large uttered those words regarding a ransomware attack, they resonated with something far worse than a cybersecurity blip. 

It’s very rare for ransomware attacks to bump into the brightly lit world of high-octane motorsports, and when they do, it translates into nothing but a crisis. As one insider stated bluntly, “They’ve got absolutely everything.”

Barstool Sports personalities Large and Spider talked about the news on their show. Large explained, “There’s some wild fucking headlines, including the one that Spider hit us with last night, sometime after midnight, with this Medusa ransomware hitting NASCAR and demanding a $4 million ransom. I don’t know this company, but apparently that’s what they do. They break into, go through your spyware, they grab the most personal stuff that they can from a company, then they just blatantly demand money for it. So this is like a blatant extortion case and apparently they’ve also got Bridge Bank, McFarlane, Pulse Urgent Care.”

Poll of the day

Poll 1 of 5

Do you think NASCAR should pay the $4 million ransom to protect its sensitive data?

Yes, it's the only way to safeguard their information

No, they should stand firm and not give in to extortion

Maybe, but only if they can't secure the data otherwise

I don't care as long as the races continue

When did you watch your first NASCAR race?

They deserve more recognition

Their contributions are invaluable

I focus more on the drivers

I hadn't thought about them much before

We Want to Know
You Better!

Participate in our 5 min
survey & Win $50 gift card

Take The Survey

When there’s a big NASCAR race, how does your home usually look?

Annual tributes at major races

Create a Hall of Fame section for unsung heroes

Scholarships in their names

Focus on current and future talents

Do you think William Sawalich's aggressive driving style is to blame for the Rockingham crash?

Yes, he needs to be more cautious

No, it's just part of racing

Partially, but others were at fault too

I don't care as long as it's exciting

Who do you believe has the brighter future in NASCAR: Katherine Legge, Kasey Kahne, or Brent Crews?

Katherine Legge, she's got the experience

Kasey Kahne, he's a proven winner

Brent Crews, the young talent

None, it's too unpredictable

Want to dive deeper?

Here are the articles that inspired recent polls.

AD

Now this isn’t by any means a new tactic from Medusa. They’ve done this before. Medusa emerged back in 2021,  targeting schools, hospitals, and telecom services. There have been over 300 victims across industries that have fallen prey to them. In the last few weeks, they stepped up their game, stealing digital certificates to get past malware tools. Last month, the FBI and CISA got involved, sending a warning to companies about staying careful.

John Riggi, AHA national advisor for cybersecurity and risk, explained, “This well-known foreign ransomware group has conducted high impact ransomware attacks against hospitals, resulting in disruption and delay to health care delivery and posing a risk to patient and community safety. They routinely engage in double extortion, where they demand an extortion payment to not publish stolen patient data and a payment for the decryption key to unlock encrypted data and systems. This gang exploits stolen credentials and known vulnerabilities. It is recommended that the actionable threat intelligence contained in the alert be ingested into network defenses. It is also recommended that organizations prioritize patching of known exploited vulnerabilities, segment networks and employ best practices for identity and access management.” 

This is not an isolated case. Spider remarked on how Medusa issued that ultimatum in 2023 to Minneapolis Public Schools. In retaliation for not paying said $1 million ransom, they dumped sensitive data online. Large remarked, “They go in, open up your files, they release some stuff, enough so NASCAR knows that they have absolutely everything, and then say, give me $4 million or I’m going to release everything that you guys have ever done. This is fucking spooky, Spider, right? This is like espionage type stuff. I don’t even know how to, I don’t know anything about this, but NASCAR might be f——.”

While NASCAR has not put out an official statement, it will be a wake-up call for the organisation. This isn’t the first digital attack they’ve faced in recent times. Just a month ago, the official NASCAR X handle was hacked alongside the NBA account. At the time, there was a post on NASCAR’s profile that said it introduced ‘$NASCAR Token’, a cryptocurrency apparently built on Solana. Looking at the low quality of the press release attached to the post, some fans began questioning whether it was real or had NASCAR just been hacked.

As fans wait on an outcome on the hacking incident, let’s take a look at what the update is on the Michael Jordan and Co. versus NASCAR lawsuit.

Michael Jordan seeks out Roger Penske’s help against NASCAR

To prove that NASCAR operates as a monopoly has been one of the most difficult parts of 23XI and FRM’s campaign against NASCAR. It’s what they’ve based their entire argument against the governing body. And in that quest, they’ve reached out to a couple of sports. We’re talking NFL, NBA, NHL, and Formula 1 for internal data on revenue distribution. But they’ve had no luck so far.

NFL outright declined it, saying, “The Subpoena is based on the flimsiest of premises: that because Plaintiffs are suing NASCAR, they can obtain — by way of federal process — financials, financial projections, research, studies, analyses, and other highly confidential, proprietary, and commercially sensitive information belonging to almost every other major sports league in the United States.” After all, Jordan’s layer Kessler brought back free agency to NFL.

Sign up to Lucky Dog on Track

Get our top NASCAR stories, timely updates for every race week and news that slipped under your radar, newsletter trusted by 240K+ users

23XI hasn’t had any luck with Formula 1 owners Liberty Media either. With fading hope, they now look towards IndyCar for support. Owned by Roger Penske under the Penske Entertainment company, the open-wheeled series will be one of the last avenues to find some ground for the lawsuit to progress on.

However, for Jordan and Co., it’s also important to remember that Penske may or may not help. After all, neither Formula 1 nor NASCAR publicly reveals its revenue sharing formulas and data. Roger Penske might not be looking to go on NASCAR’s bad side by helping the Jordan faction out. Only time will tell how it all unfolds.