The French Rugby Federation confirmed on Thursday that it had been the victim of a cyberattack. The information had been revealed by the specialized site Le Mag It: the mafia franchise Play threatens to reveal “confidential private and personal” data, documents “of customers and employees, passports, HR, etc” on June 27. The French Federation reacted quickly, indicating that it had “taken measures to eliminate the malicious software, better known under the term “ransomware”. This type of attack involves a hacker encrypting all of the victim’s data, including backups, and demanding a ransom to provide the decryption password. The FFR has not received a ransom demand to date and will not wish to respond to it if necessary. The IT department secured the entire system and restored it to work.”
And the FFR to detail in a press release: “In accordance with its obligations under the GDPR (General Data Protection Regulation), the FFR made a first declaration of the incident to the CNIL within 72 hours, that it will complete according to its investigations. The federation has also entered into contact with the police services which accompany it in the management of the situation and with which the FFR collaborates closely.
“In terms of impact, the federation was unable to recover activity histories for some of the mailboxes that were encrypted during the attack,” the statement continued. The FFR continues, in conjunction with the authorities, to research and analyze the data that could have been exfiltrated as part of this attack, including e-mails, contacts and calendar information.
The operators of this Play ransomware are known to have hit the city of Lille in early March 2023, but also the Alpes-Maritimes department, ITS Group and Vocalcom. A first thorny problem to solve for the new president of the FFR, Florian Grill…