The NBA has notified its fans of a data breach, where an unauthorized third party gained access to some of their personal information held by a third-party newsletter service.
While NBA systems were not breached, the affected fans’ names and email addresses were stolen.
At the same time, NBA stated that it is working with the third-party provider as part of an ongoing investigation and has hired external cybersecurity experts to assess the impact. The NBA also warned its affected fans to watch out for phishing attacks and other scams, and to verify emails and never open unexpected attachments.
NBA programming and games are broadcasted worldwide, in over 215 countries and territories, spanning over 50 languages.
It is unclear how many fans were affected by the breach. The stolen information did not include any NBA systems, usernames, passwords, or any other data shared by the affected fans with the NBA.
The third-party service provider that assists the NBA in communicating with its fans is said to have held the stolen data. The NBA assured its fans that it would never ask for account information or credentials via email.
Furthermore, this incident highlights the importance of proper data management and cybersecurity protocols for organizations, including third-party vendors that handle sensitive data.
It also emphasizes the need for individuals to remain vigilant and cautious when receiving unexpected emails, verifying senders, and avoiding opening attachments or clicking on suspicious links.
