Leisure venue administration agency Legends Worldwide warns it suffered a data breach in November 2024, which has impacted workers and individuals who visited venues underneath its administration.
In a notification letter shared with the authorities, the corporate informs that it detected unauthorized exercise in its IT techniques on November 9, 2024, prompting an investigation carried out with the assistance of exterior cybersecurity specialists.
The investigation outcomes confirmed that the intruders had exfiltrated private information recordsdata, although the uncovered information varieties aren’t decided within the pattern letter.
Legends Worldwide is a world sports activities and leisure providers firm providing venue planning, gross sales, partnerships, hospitality, merchandise, and know-how options, with an annual income of over $1.1 billion.
It manages over 350 venues throughout 5 continents, together with the SoFi Stadium in Los Angeles, One World Observatory in New York, the AT&T Stadium in Texas, the Santiago Bernabeu and Camp Nou stadiums in Spain, and the Anfield and OVO Area Wembley within the UK.
Not too long ago, the corporate expanded its operations by buying ASM World, a number one venue administration firm with a worldwide footprint.
The scope of the data breach and the variety of uncovered people stays unknown. Nonetheless, given the scale of the corporate’s operations and the massive quantities of delicate information it manages, there’s floor for concern.
BleepingComputer has contacted the corporate to ask for extra particulars, however a remark wasn’t instantly obtainable.
Within the letter despatched to impacted people, Legends Worldwide says security measures had been already in place earlier than the incident, and it carried out extra measures when the techniques had been restored from the cyberattack. Nonetheless, no particular particulars about both got.
Letter recipients are supplied 24-month protection for id theft detection providers via Experian and are given till July 31, 2025, to enroll.
Legends Worldwide states within the letter that they aren’t conscious of any proof that private data has been misused on account of this incident, however individuals are suggested to stay vigilant.
On the time of scripting this, no ransomware teams have taken accountability for the assault at Legends Worldwide, so the kind of the assault and the perpetrators stay unknown.
