NASCAR A.I CyberSecurity Scoring
NASCAR
Company Information
Website:https://careers.nascar.com/
Employees number:2,468
Number of followers:97,064
NAICS:7112
Industry Type:Spectator Sports
Homepage:nascar.com
NASCAR Risk Score (AI oriented)
Between 0 and 549
NASCARSpectator Sports
Updated:
31/03/2026
31/03/2026
245/1000
Critical
C
NASCAR Global Score (TPRM)
xxxx
NASCARSpectator Sports
Score locked

NASCARCritical
Current Score
245C (CRITICAL)
01000
5 incidents
-181 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
278
JUNE 2026
266
MAY 2026
263
APRIL 2026
255
MARCH 2026
245
FEBRUARY 2026
414
Ransomware
24 Feb 2026 • NASCAR
Comcast and NASCAR: North Korean Lazarus Group Adopts Medusa Ransomware in Global Attacks
North Korean Lazarus Group Expands into Ransomware with Medusa Attacks
233
CRITICAL-181
NASCOM1771979720
North Korean Lazarus Group Expands into Ransomware with Medusa Attacks
North Korea’s state-backed Lazarus Group has entered the commercial ransomware market, leveraging the Medusa ransomware-as-a-service (RaaS) operation to target organizations in the Middle East and the U.S. While an attempted breach of U.S. healthcare entities failed, the campaign underscores a growing trend: nation-state actors adopting cybercrime tools for financial gain.
Since its emergence in 2023, Medusa has been linked to over 300 successful attacks, including high-profile victims like Comcast and NASCAR. By partnering with Medusa, Lazarus gains access to an established criminal infrastructure, obscuring its identity behind typical ransomware affiliates and complicating attribution for defenders.
The group’s attacks follow a multi-stage process, beginning with the deployment of tools to disable security protections. Custom backdoors like Blindingcan and Comebacker establish persistent access, while credential theft tools (ChromeStealer, Mimikatz) and data exfiltration utilities (Infohook, RP_Proxy) extract sensitive information before ransomware deployment. By the time Medusa encrypts systems, attackers have already exfiltrated critical data.
Recent targets reveal a focus on vulnerable institutions, including a U.S. mental health nonprofit and a school for children with autism. Ransom demands average $260,000 a calculated figure designed to pressure cash-strapped organizations into paying quickly. This strategy aligns with Lazarus’ broader shift toward financially motivated attacks, following a similar 2024 collaboration between North Korea’s Jumpy Pisces (Andariel) and the Play ransomware group.
Experts note the tactical logic: targeting underfunded sectors like healthcare and education maximizes emotional leverage, increasing the likelihood of payment. The convergence of state-sponsored espionage and ransomware operations means even small organizations previously overlooked by advanced threat actors now face sophisticated, government-backed cyber threats.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
JANUARY 2026
434
DECEMBER 2025
425
NOVEMBER 2025
415
OCTOBER 2025
405
SEPTEMBER 2025
394
AUGUST 2025
384
APRIL 2025
489
Ransomware
13 Apr 2025 • NASCAR
NASCAR: Medusa ransomware gang claims to have hacked NASCAR
Medusa Ransomware Gang Claims Breach of NASCAR
294
CRITICAL-195
NAS1770566035
Medusa Ransomware Gang Claims Breach of NASCAR, Demands $4M Ransom
The Medusa ransomware-as-a-service (RaaS) group has alleged a breach of NASCAR’s computer systems, claiming to have exfiltrated over 1TB of sensitive data. In a post on its dark web leak site, the gang demanded a $4 million ransom for the deletion of the stolen files, accompanied by a countdown timer threatening public release. The deadline can be extended for $100,000 per day.
To substantiate its claims, Medusa published screenshots of purported internal NASCAR documents, including employee and sponsor contact details, financial reports, invoices, and a directory of exfiltrated files. While NASCAR has not confirmed the attack, the evidence presented appears credible.
Medusa has been active in targeting high-profile organizations, with the FBI and CISA issuing a joint advisory last month warning of its impact on over 300 entities across critical sectors, including healthcare, education, and manufacturing. Past victims include Minneapolis Public Schools, which suffered a 92GB data leak after refusing a ransom, as well as cancer centers and British high schools. The group has also previously claimed to have stolen Microsoft source code.
This incident follows a pattern of cyberattacks on major sports organizations. In 2016, NASCAR-affiliated team Circle Sport-Leavine Family Racing paid a ransom after a TeslaCrypt attack, while in March 2025, NASCAR’s official Twitter account was hijacked to promote a fraudulent cryptocurrency scheme. If confirmed, this breach would mark another high-profile disruption in the sports industry.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
APRIL 2025
634
Ransomware
08 Apr 2025 • NASCAR
NASCAR
Medusa Ransomware Attack on NASCAR
488
CRITICAL-146
NAS301040825
The Medusa ransomware gang has compromised NASCAR, demanding a $4 million ransom and threatening to expose sensitive data. Leaked documents include operational and logistical information, employee details, and corporate branding materials, indicating a substantial data breach. If the ransom is unpaid, further leaks are anticipated. This attack endangers NASCAR's operational security and may have significant repercussions on their business continuity and stakeholder trust.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
MARCH 2025
728
Ransomware
01 Mar 2025 • NASCAR
NASCAR
NASCAR Data Breach
630
CRITICAL-98
NAS553072725
NASCAR, the National Association for Stock Car Racing, experienced a data breach in March 2025 due to a cyberattack. The incident exposed the Social Security numbers of an unknown number of victims. The company identified the attack on April 3 and began an investigation, involving law enforcement and a cybersecurity firm. The breach notification letters were sent out to victims on July 24, offering one year of credit monitoring services. Medusa ransomware gang claimed responsibility, demanding a $4 million ransom and threatening to publish exfiltrated data if not paid by April 19.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
DECEMBER 2024
771
Cyber Attack
25 Dec 2024 • NASCAR
SolarWinds, Kaseya, MoveIt Transfer, PowerSchool, DaVita, NASCAR, Marks & Spencer, Caesars Entertainment and Change Healthcare: Ransomware trends, statistics and facts in 2026
Ransomware Trends and High-Profile Attacks (2024-2025)
726
CRITICAL-45
DAVCAECHAPOWKASFILMARSOLNAS1770898846
Ransomware in 2025–2026: Evolving Threats, Rising Costs, and High-Profile Attacks
Ransomware remains a critical threat to governments, businesses, and critical infrastructure, disrupting healthcare, fuel distribution, retail, and identity security. Financial and operational impacts have intensified, with attackers refining tactics to maximize damage and extortion.
### Key Ransomware Trends
1. Supply Chain Attacks – Threat actors increasingly target software vendors to compromise multiple downstream victims. Notable incidents include:
- 2023 MoveIt Transfer breach (Clop ransomware gang)
- 2021 Kaseya attack (1,500+ MSP customers affected)
- 2020 SolarWinds hack
2. Triple Extortion – Beyond encrypting data and threatening leaks, attackers now demand payment to prevent additional attacks. The Vice Society group used this tactic in its 2023 attack on San Francisco’s BART system. Leading ransomware groups like LockBit 5.0 now use private negotiation portals for targeted extortion.
3. Ransomware-as-a-Service (RaaS) – Cybercriminals lease pre-built ransomware tools and infrastructure, lowering the barrier to entry for attacks.
4. Exploiting Unpatched Systems – While zero-day vulnerabilities draw attention, most ransomware exploits known flaws in outdated software.
5. Phishing & AI-Driven Attacks – Phishing remains a primary infection vector, while generative AI enhances social engineering lures, reconnaissance, and attack automation.
### Ransomware by the Numbers (2025)
- 44% of breaches involved ransomware (Verizon 2025 DBIR), a 37% increase from 2024.
- 88% of SMB breaches included ransomware, compared to 39% in large enterprises.
- 34% rise in attacks in the first three quarters of 2025 (Total Assure).
- 5,010 U.S. incidents in the first 10 months of 2025 a 50% increase from 2024 (Cyble).
- 85% of attacks go unreported (BlackFog).
- Median ransom payment: $267,500 (Palo Alto Networks 2025).
- Average ransom payment: $1 million (Sophos 2025), down from $2 million in 2024.
- Average insurance claim: $292,000 (Coalition 2025), a 7% decrease from 2024.
### Notable 2024–2025 Ransomware Attacks
- PowerSchool (Dec. 2024) – Exposed data of 62M students and 9.5M teachers across North America.
- Yale New Haven Health (Mar. 2025) – Compromised 5.6M patient records; settled a class-action lawsuit for $18M.
- NASCAR (Apr. 2025) – Medusa ransomware gang stole 1TB of data and demanded $4M.
- DaVita (Apr. 2025) – 2.7M patients’ health data exposed by Interlock ransomware.
- Marks & Spencer (May 2025) – Pay2Key ransomware disrupted operations, contributing to a 90% profit drop.
- Ingram Micro (Jul. 2025) – SafePay ransomware caused service disruptions and revenue losses.
- Change Healthcare (2024) – Initially reported 100M+ victims; revised to 193M by mid-2025.
- LoanDepot (2024) – Attack disrupted loan services for 16.6M customers.
- MGM Resorts & Caesars Entertainment (2023) – High-profile attacks crippled Las Vegas casino operations.
### Future Ransomware Predictions
- AI-Powered Automation – Attacks will become faster, more persistent, and harder to detect (Trend Micro).
- Voice-Based Vishing – AI-generated calls will rise as a social engineering tactic (Zscaler).
- Encryption-Free Extortion – More groups will skip encryption, relying solely on data theft threats (SentinelOne).
- GenAI-Enhanced Phishing – AI will enable more convincing, large-scale phishing campaigns.
Ransomware shows no signs of slowing, with attackers leveraging AI, supply chain vulnerabilities, and multi-layered extortion to escalate both frequency and impact.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for NASCAR ??
What was NASCAR's A.I Rankiteo Cyber Score in June 2026 ??
What was NASCAR's A.I Rankiteo Cyber Score in May 2026 ??
What was NASCAR's A.I Rankiteo Cyber Score in April 2026 ??
What was NASCAR's A.I Rankiteo Cyber Score in March 2026 ??
What was NASCAR's A.I Rankiteo Cyber Score in February 2026 ??
What was NASCAR's A.I Rankiteo Cyber Score in January 2026 ??
What was NASCAR's A.I Rankiteo Cyber Score in December 2025 ??
What was NASCAR's A.I Rankiteo Cyber Score in November 2025 ??
What was NASCAR's A.I Rankiteo Cyber Score in October 2025 ??
What was NASCAR's A.I Rankiteo Cyber Score in September 2025 ??
What was NASCAR's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on NASCAR's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with NASCAR ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view NASCAR's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?