NASCAR isn’t new to implementing the use of modern technology to enhance their racing product. In fact, the Next Gen car and the SMT data have brought out a new trend of racing, which is a different ball game compared to racing in the 90s and 2000s. But it seems like the use of modern tech has landed them in deep water, and this time around, it’s the Medusa ransomware gang. They are claiming to have taken control over the over “1.2TB” of private NASCAR data. We’re talking internal documents, employee names, phone numbers, emails, sponsor contracts, even scans of invoices—stuff that’s supposed to stay locked away. They’re holding it all hostage, demanding $4 million to keep it from spilling out onto the dark web. Four million!
They’ve slapped a 10-day timer on it—pay up by then, or it’s game over. They even shared a screenshot of a folder labeled “NASCAR Data” to prove they’re not bluffing. There has been no official statement made yet by NASCAR. It’s eerie, like the calm before a storm.
Medusa’s playing dirty by offering to delay the leak for an extra $100,000 per day if NASCAR needs time to scramble the cash, or they’ll let anyone with $4 million buy the whole stash. It’s not just NASCAR’s data at risk, think about the folks working at NASCAR—regular people with families, bills, lives. Their names, numbers, maybe even home addresses, could end up on some hacker’s hit list.
Imagine being an employee right now, knowing your personal info might be out there soon. And the sponsors? Big companies trusted NASCAR to keep their deals private, and now that trust’s shattered. The panic is rippling through their offices in Daytona Beach and Charlotte. And this isn’t Medusa’s first rodeo.
They’ve hit others recently—Bridgebank in Canada and Pulse Urgent Care in New York—and they love to “leak internal files” to crank up the pressure. They’ve been at this since 2021, targeting over 300 organizations, according to a CISA and FBI advisory from last year. That’s hundreds of victims—hospitals, schools, now NASCAR is next on their list.
NASCAR hit by ransomware group Medusa
On April 8, 2025, the #ransomware group Medusa claimed responsibility for a cyberattack on @NASCAR, listing the organization on their DLS.
According to their statement, Medusa exfiltrated over 1 TB of sensitive data.
NASCAR has now… pic.twitter.com/Q4NHXh57pK
— ransomNews (@ransomnews) April 8, 2025
So, what happens now? Will NASCAR cough up the $4 million? Can they even fight back against something this ruthless?
The post NASCAR Under Attack as Deviants Demand $4,000,000 in Ransom Amid Threats of Exposure appeared first on EssentiallySports.
