NASCAR confirms data breach after ransomware group claims to steal 1 TB of data

Published

July 25, 2025

Updated

July 25, 2025

NASCAR

Types of INFORMATION affected

Names
Social Security Numbers
Dates of Birth
Addresses
Government IDs
Medical Info
Financial Info

On April 3, 2025, the National Association for Stock Car Auto Racing (NASCAR) identified and began addressing a cybersecurity incident.

The organization acted quickly by securing its systems and engaging a third-party cybersecurity firm to conduct a thorough investigation and law enforcement was also notified. The investigation determined that between March 31 and April 3, 2025, an unauthorized actor accessed NASCAR’s network and acquired certain files.

On June 24, 2025, NASCAR concluded that these files contained sensitive information, including names and Social Security numbers. They were able to determine the breach affected one person in Maine, four in Massachusetts, and one in New Hampshire, according to official filings with state authorities.

The severity of the breach is heightened by the method of attack. The ransomware group MEDUSA claimed responsibility for the incident, stating on a dark web site that they had obtained NASCAR’s data and threatened to publish it within 10 to 11 days. This kind of ransomware attack typically involves both data theft and the risk of public exposure if ransom demands are not met.

‍

Screenshot of NASCAR's ransomware demand on the dark web — NASCAR ransomware demand on the dark web

The official disclosures can be found on the Maine Attorney General’s website, Massachusetts Attorney General’s website, and the New Hampshire Attorney General’s website.

NASCAR's response

As a resource for those impacted, NASCAR is providing complimentary credit and identity monitoring services through Experian’s IdentityWorks for a period of up to two years. This service includes credit monitoring across all three major bureaus, identity restoration support, and up to $1 million in identity theft insurance.

Affected individuals can find instructions for enrolling in these services in the notification letter they received. NASCAR also established a dedicated toll-free call center for questions about the incident.

Those affected should take the following steps:

Enroll in the complimentary credit monitoring service as soon as possible
Regularly review credit reports for any unauthorized activity
Consider placing a fraud alert or security freeze on credit files with Equifax, Experian and TransUnion
Remain vigilant for signs of identity theft and report any suspicious activity to the Federal Trade Commission and local law enforcement