Hackers have targeted the governing body of international golf tournaments, the PGA, by locking officials out of crucial files.
The staff of the Professional Golfers' Association (PGA) realised on Tuesday morning that the systems had been compromised when attempts to access files for the upcoming tournaments generated an ominous message.
"Your network has been penetrated," the message stated. "All files on each host in the network have been encrypted with a strong algorithm. This may lead to the impossibility of recovery of certain files."
The files are allegedly related to this week's PGA Championships at Bellerive Country Club and next month's Ryder Cup in France and contain creative materials, such as extensive promotional banners and logos used in digital and print communications. There are even unseen designs for logos for future PGA events.
The hackers encrypted the files for ransom, offering a Bitcoin wallet number, but no ransom amount has been specified.
According to Golfweek, a spokesperson for the PGA said it would not comment on the situation as it is still ongoing and that the organisation had not yet resolved the issue.
Barry Shteiman, VP of research and innovation at Exabeam, highlighted the conundrum facing organisations that fall victim to ransomware.
"To pay or not to pay, that is the seemingly million-dollar question when it comes to ransomware," Shteiman said. "While many security experts warn about paying ransoms or entering into negotiations, the answer, in reality, comes down to simple economics.
"If the downtime caused by data being unavailable, or by the backup restoration process is more expensive than paying the ransom, then organisations should pay. Equally, if giving up on the encrypted data has a higher cost in lost revenue or intellectual property than remediation, then you can also see why an organisation would pay the ransom."
Over the last couple of years, a number of sporting events have been targeted by hackers, such as the Winter Olympic in North Korea, last season's Champions League Final in Kiev and this summer's World Cup, where Android users were tricked with malicious apps called 'Golden Cups'.
A study of ransomware victims released in March found that of those that paid up only 49% had their data handed back to them. Interestingly, of those that refused to pay, a staggering 89% said they eventually recovered their data.
-
Why keeping track of AI assistants can be a tricky businessColumn Making the most of AI assistants means understanding what they can do – and what the workforce wants from them
-
Nvidia braces for a $5.5 billion hit as tariffs reach the semiconductor industryNews The chipmaker says its H20 chips need a special license as its share price plummets
-
Cleo attack victim list grows as Hertz confirms customer data stolen – and security experts say it won't be the lastNews Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
‘Phishing kits are a force multiplier': Cheap cyber crime kits can be bought on the dark web for less than $25 – and experts warn it’s lowering the barrier of entry for amateur hackersNews Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
-
Healthcare systems are rife with exploits — and ransomware gangs have noticedNews Nearly nine-in-ten healthcare organizations have medical devices that are vulnerable to exploits, and ransomware groups are taking notice.
-
Alleged LockBit developer extradited to the USNews A Russian-Israeli man has been extradited to the US amid accusations of being a key LockBit ransomware developer.
-
February was the worst month on record for ransomware attacks – and one threat group had a field dayNews February 2025 was the worst month on record for the number of ransomware attacks, according to new research from Bitdefender.
-
CISA issues warning over Medusa ransomware after 300 victims from critical sectors impactedNews The Medusa ransomware as a Service operation compromised twice as many organizations at the start of 2025 compared to 2024
-
Warning issued over prolific 'Ghost' ransomware groupNews The Ghost ransomware group is known to act fast and exploit vulnerabilities in public-facing appliances
-
The Zservers takedown is another big win for law enforcementNews LockBit has been dealt another blow by law enforcement after Dutch police took 127 of its servers offline
