The National Basketball Association (NBA) has notified its fans of a data breach after segments of personal information stored on a third-party service were stolen. The organization has warned of a heightened risk of phishing attacks.
The NBA sent notification emails concerning a recent cybersecurity incident to an unknown number of fans.
"We recently became aware that an unauthorized third party gained access to and obtained a copy of your name and email address, which was held by a third-party service provider that helps us communicate via email with fans who have shared this information with the NBA," the association said.
The NBA, a global sports and media organization that manages five professional sports leagues in the US and Africa, stressed that its systems were not breached and the fan’s credentials – usernames and passwords – were not compromised.
However, the NBA appeared to admit that the data involved is sensitive, in that affected individuals could be targeted in phishing attacks and other kinds of social engineering scams.
That’s why fans are urged to remain vigilant when opening suspicious emails that may seem to originate from official NBA sources – for example, a legitimate “@nba.com” email address.
People should also double check if embedded links in emails point to a trusted website, and avoid opening attachments they weren’t expecting to receive. The NBA added it would never ask for a fan’s username and password by email.
The NBA has activated its incident-response procedures. It is now working with the third-party service provider as part of an ongoing investigation and has hired the services of external cybersecurity experts to analyze the scope of the impact.
Your email address will not be published. Required fields are markedmarked