- Legends International publishes a data violation notification letter
- He says he suffered a cyber attack and data violation in November 2024
- Research on the nature of stolen data is ongoing
Legends International, a company that provides premium services for sports and entertainment places, has confirmed that suffering a cyber attack and losing confidential data.
In a letter of sample data violation, the company said it identified the “unauthorized activity” in its IT systems at the beginning of November 2024.
After taking parts of his infrastructure down and executing an investigation, he discovered that “certain legends files” during the attack had been accessed and exfiltrated.
Under investigation
The letter does not discuss the nature of the stolen data, so we do not know if it is usual (names, email addresses, postal addresses), or if it includes more confidential information (payment data, driver’s license numbers, social security numbers, etc.).
Most likely, the basic information, belonging to the former employees and customers, takes, given the way in which the legends wrote it in the letter: “It seems that the legends had their personal information in these files because it worked or visited a place administered by legends.”
The company offered 24 months of free identity theft services to affected people, through Experian. The victims have until July 31, 2025 to register.
This, Cyberinsider argues, could also mean that “highly sensitive personal data was also taken.”
The investigation seems to be ongoing, and the police have been notified. Therefore, we still don’t know how many people could have been affected. However, since the organization is quite large, it could be an important incident.
Legends International employs approximately 5,800 people on six continents and recently reported an estimated annual income of $ 1.7 billion for the period ending on March 31, 2024.
At the time of the publication, no threat actor assumed the responsibility of the attack, and Legends has not found that the data is shared anywhere online.
Even so, the company urged its former employees and clients to remain attentive and closely monitor the account states and credit history for any sign of unauthorized transactions.
