Leisure venue administration agency Legends Worldwide warns it suffered a knowledge breach in November 2024, which has impacted workers and individuals who visited venues underneath its administration.
In a notification letter shared with the authorities, the corporate informs that it detected unauthorized exercise in its IT programs on November 9, 2024, prompting an investigation carried out with the assistance of exterior cybersecurity consultants.
The investigation outcomes confirmed that the intruders had exfiltrated private information information, although the uncovered information sorts aren’t decided within the pattern letter.
Legends Worldwide is a worldwide sports activities and leisure providers firm providing venue planning, gross sales, partnerships, hospitality, merchandise, and expertise options, with an annual income of over $1.1 billion.
It manages over 350 venues throughout 5 continents, together with the SoFi Stadium in Los Angeles, One World Observatory in New York, the AT&T Stadium in Texas, the Santiago Bernabeu and Camp Nou stadiums in Spain, and the Anfield and OVO Enviornment Wembley within the UK.
Just lately, the corporate expanded its operations by buying ASM World, a number one venue administration firm with a worldwide footprint.
The scope of the info breach and the variety of uncovered people stays unknown. Nevertheless, given the dimensions of the corporate’s operations and the big quantities of delicate information it manages, there’s floor for concern.
BleepingComputer has contacted the corporate to ask for extra particulars, however a remark wasn’t instantly accessible.
Within the letter despatched to impacted people, Legends Worldwide says safety measures have been already in place earlier than the incident, and it carried out extra measures when the programs have been restored from the cyberattack. Nevertheless, no particular particulars about both got.
Letter recipients are supplied 24-month protection for identification theft detection providers via Experian and are given till July 31, 2025, to enroll.
Legends Worldwide states within the letter that they don’t seem to be conscious of any proof that private info has been misused on account of this incident, however individuals are suggested to stay vigilant.
On the time of penning this, no ransomware teams have taken duty for the assault at Legends Worldwide, so the kind of the assault and the perpetrators stay unknown.
