The NBA (National Basketball Association) is notifying followers of a data breach after a third-party company providing a newsletter service was breached.
The National Basketball Association (NBA) is a professional basketball league in Northern America composed of 30 teams (29 in the United States and 1 in Canada). It is one of the major professional sports leagues in the United States and Canada and is considered the premier men’s professional basketball league in the world.
NBA launched an investigation into the security breach with the support of external cybersecurity experts to determine the extent of the incident.
The NBA pointed out that its systems were not impacted, according to the data breach notification sent to the fans, the incident affected an unknown number of individuals.
BleepingComputer, which first reported the news, confirmed that some fans’ personal information was stolen.
According to the association, an unauthorized third party accessed and created copies of the names and email addresses of some of its fans. The data breach did not compromise usernames, passwords, and other information.
“We recently became aware that an unauthorized third party gained access to, and obtained a copy of, your name and email address, which was held by a third-party service provider that helps us communicate via email with fans who have shared this information with the NBA,” reads the data breach notification, as reported by BleepingComputer.
“There is no indication that our systems, your username, password, or any other information you have shared with us have been impacted.”
Even if credentials were not exposed as a result of this incident, fans must be vigilant for phishing attacks and other fraudulent activities that could target them by abusing the exposed information.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, NBA)