Security Affairs
Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Entertainment venue management firm Legends International disclosed a data breach

Legends International disclosed a data breach from November 2024 that affected employees and visitors to its managed venues. Legends International is a global leader in sports and entertainment venue management, specializing in delivering comprehensive solutions for stadiums, arenas, and attractions. The company offers a 360-degree service platform that includes strategic planning, sales, partnerships, hospitality, merchandise, […]

Xsolis

Legends International disclosed a data breach from November 2024 that affected employees and visitors to its managed venues.

Legends International is a global leader in sports and entertainment venue management, specializing in delivering comprehensive solutions for stadiums, arenas, and attractions.

The company offers a 360-degree service platform that includes strategic planning, sales, partnerships, hospitality, merchandise, and technology solutions.

On November 9, 2024, Legends International detected unauthorized activity on its IT systems, took action to stop it, and launched an investigation with the help of external cybersecurity experts.

“On November 9, 2024, we identified certain unauthorized activity occurring on our IT systems. After learning of this, we began taking steps to terminate the activity, and took certain of our systems offline as a precaution. An investigation was launched with assistance from external cybersecurity experts. Law enforcement was also notified.” reads the data breach notification letter sent to impacter individuals. “We subsequently determined that certain Legends files had been accessed and acquired during the unauthorized activity. A review was initiated to determine if any personal information was included in those files and to whom that personal information pertains.”

The investigation revealed that some files were accessed, and the company confirmed that a review is underway to determine if personal data was involved.

Legends said they had security measures in place before the incident and enhanced them afterward. The company is not aware of any misuse of personal data, but 24 months of free Experian IdentityWorks are offered as a precaution.

The company has not disclosed the number of affected individuals, nor has it provided technical details about the attack.

At this time, no criminal group has claimed responsibility for the attack.

The company advises staying vigilant against identity theft or fraud by regularly reviewing account statements and credit history for unauthorized activity. They also recommend enrolling in their credit monitoring service and refer to Attachment B for more information on protecting personal information.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Legends International)