The National Basketball Association (NBA) has disclosed a data breach impacting the personal information of an unknown number of basketball fans.
According to a data breach notice, the incident stemmed from a security breach at an unnamed third-party newsletter service. Potentially stolen data includes the names and email addresses of NBA fans.
The NBA said no highly sensitive data, such as passwords, was stolen in the incident.
“There is no indication that our systems, your username, password, or any other information you have shared with us have been impacted,” the NBA added.
The exact scope and extent of the breach are unknown, and since no high-risk data such as SSN’s or financial info was shared with the newsletter service, the NBA is not legally obliged to supply additional details.
The organization said it will continue to investigate the cybersecurity event to properly asses its impact.
NBA fans have been urged to watch out for suspicious correspondence related to NBA topics. This includes social engineering schemes that may use supporter names and email addresses to conduct targeted phishing attacks.
NBA fans were also reminded that the organization will never request sensitive information such as passwords, usernames or credit card data via email and that they should never access unsolicited email attachments.