NASCAR Confirms Medusa Ransomware Breach After $4M Demand

Medusa Ransomware breached NASCAR, demanded $4 million, leaked sensitive data including maps and staff info, exposing major security failures. The incident was exclusively reported by Hackread.com.

In April 2025, Hackread.com exclusively reported that the Medusa ransomware group had claimed responsibility for breaching the National Association for Stock Car Auto Racing (NASCAR) and was demanding a $4 million ransom. NASCAR has now confirmed that its systems were indeed compromised, validating Hackread.com’s earlier reporting.

According to the data breach notification filed with the Office of the Maine Attorney General, the incident occurred on March 31, 2025, and was discovered on June 24, 2025. However, Hackread.com had alerted NASCAR about Medusa’s breach claims on April 8, 2025, but the company neither responded nor acknowledged the inquiry.

While NASCAR did not disclose how many individuals were affected, it ...