While very different, there is a lot of common ground between the Formula 1’s International Automobile Federation (FIA) and the National Association for Stock Car Auto Racing (NASCAR). However, today we won’t be discussing similarities in team structures and driver development; instead, we’ll focus on the fact that both organizations experienced cybersecurity incidents earlier this year. In April 2025, NASCAR was attacked by the Medusa ransomware group, and a few months later, three white hat hackers stumbled upon a security flaw while casually reviewing the FIA ecosystem. The NASCAR attack resulted in a $4 million ransom request from the bad actors. It also confirmed that sensitive information belonging to NASCAR fans and staff was stolen. The FIA only got away with a slap on the wrist from the ethical hackers. It still had to deal with some bad publicity.
Key takeaways
- NASCAR was hacked in April 2025 by a popular cyber gang while exposing sensitive information belonging to an undisclosed number of people
- FIA had a cybersecurity fault found by white hat hackers affecting drivers, which includes the current F1 champion, Max Verstappen
- White hat hackers and black hat hackers continue to point out insecurities in individuals and organizations of all sizes and backgrounds.
NASCAR cybersecurity incident explained
NASCAR got hacked by a foreign cyber gang called Medusa. The stock car racing company confirmed that fraudsters stole personal information and were demanding a $4 million ransom. Even though the incident happened in April 2025 and took months for NASCAR to publicly acknowledge it, it is still unknown how many fans and staff members of NASCAR were affected by the breach. The incident happened between March 31st and April 3rd, and hackers allegedly stole approximately one terabyte of data. The data included exceptionally sensitive information, such as names, email addresses, and Social Security numbers (SSNs) of NASCAR fans and employees. NASCAR also never confirmed whether they paid the requested $4 million ransom to the bad actors. However, the motorsport company did notify the affected victims and offered them limited free identity theft monitoring.
Formula 1’s FIA incident summary
Three cybersecurity researchers stumbled upon a loophole in the FIA systems in June 2025. The hackers accessed extremely sensitive personal information belonging to some of the biggest names in motorsports, including Formula 1 drivers. The white hat hackers found a vulnerability that gave them access to the FIA driver categorization website, which contains details on approximately 7,000 drivers.
Luckily, the cyber researchers had good intentions and reported the vulnerability to the FIA without copying or distributing any sensitive information they found in the database. Right after FIA became aware of the cyber problem, they took immediate steps to secure the drivers’ data. They also reported the issue to the authorities and the affected drivers. FIA did not disclose the names of all affected drivers. Those in the Drivers categorization include current F1 champion Max Verstappen and other well-known motorsport figures from past and present. The exposed information includes drivers’ licenses, passports, and other personal details of drivers such as Lando Norris. It also includes names from the recent past, like Jacques Villeneuve and Jenson Button.
What is the difference between white hat and black hat hackers?
The cyber incidents at NASCAR and FIA clearly show how white hat and black hat hackers operate. White hackers and bounty hunters look for security flaws. They then report them to the organizations, which patch the loopholes. Black Hat hackers are solely driven by monetary gain. They exploit similar loopholes not to help, but to extort individuals and organizations. In both cases, the organization has failed to protect itself and its customers. At least it still has a chance to improve its security.
Data breaches over the years, with billions of personal records leaked, have shown a harsh reality. Not many companies get the luxury of being given a second chance. And businesses that think they can buy their way out of a ransomware attack usually get a rude awakening. They see their stolen information published online after paying the ransom meant to keep things quiet and under the radar.
Whether you are a car racing fan/driver or a health worker/patient, your personal details are out there stored on servers and clouds, and data breaches are happening every day. Both individuals and organizations often fail to protect themselves and their customers. Cyber criminals are a threat to everyone. From a past/present World Drivers’ Champion worth $150+ million, to a regular racing car fan who barely affords an F1 ticket. None of the affected drivers expected their name to be among the victims of the NASCAR incident earlier this year. Nor did the racing fans and employees who lost personal information, which will likely remain on the dark web forever. If you want to make sure you are ahead of the pack, consider installing high-end antivirus software on all your connected devices.