San Francisco 49ers defended against ransomware attack on Super Bowl Sunday

Dell Latitude 7390
Dell Latitude 7390 (Image credit: Windows Central)

What you need to know

  • The San Fransisco 49ers were attacked by the BlackByte ransomware group over the weekend.
  • The 49ers have notified law enforcement about the attack.
  • The BlackByte ransomware group encrypts files on compromised systems in attempts to force payment out of victims.

As if having to watch their cross-state rivals, the L.A. Rams, win the Super Bowl on Sunday wasn't bad enough, the San Francisco 49ers also had to deal with a ransomware attack over the weekend. The 49ers organization confirmed to ZDNet that it was attacked by the BlackByte ransomware group hours before the Super Bowl began on February 13, 2022.

The BlackByte ransomware group encrypts files as part of attacks to leverage ransom payment out of victims. The FBI and U.S. Secret Service shared a warning about the ransomware group (PDF) on February 11, 2022.

"As of November 2021, BlackByte ransomware had compromised multiple U.S. and foreign businesses, including entities in at least three U.S. critical infrastructure sectors (government facilities, financial, and food & agriculture)," stated the cybersecurity advisory. "BlackByte is a Ransomware as a Service (RaaS) group that encrypts files on compromised Windows host systems, including physical and virtual servers."

A San Fransisco 49ers spokesperson explained to ZDNet that the organization believes the incident was limited.

"While the investigation is ongoing, we believe the incident is limited to our corporate I.T. network; to date, we have no indication that this incident involves systems outside of our corporate network, such as those connected to Levi's Stadium operations or ticket holders," said a 49ers spokesperson. "As the investigation continues, we are working diligently to restore involved systems as quickly and as safely as possible."

The 49ers organization also contacted law enforcement regarding the ransomware attack.

Sean Endicott
News Writer and apps editor

Sean Endicott is a tech journalist at Windows Central, specializing in Windows, Microsoft software, AI, and PCs. He's covered major launches, from Windows 10 and 11 to the rise of AI tools like ChatGPT. Sean's journey began with the Lumia 740, leading to strong ties with app developers. Outside writing, he coaches American football, utilizing Microsoft services to manage his team. He studied broadcast journalism at Nottingham Trent University and is active on X @SeanEndicott_ and Threads @sean_endicott_.