The organizers of the Belgian Grand Prix – one of Formula 1’s most anticipated events – have suffered a cyber security breach after hackers reportedly infiltrated the official contact email.
On Sunday, March 17, threat actors allegedly compromised access to the email account and launched a phishing campaign, targeting fans eager to attend the prestigious race at the Circuit de Spa-Francorchamps.
The phishing attacks were carried out using a fake €50 gift voucher sent to fans looking to purchase tickets for the upcoming event, which will take place from July 26 to 28.
Formula 1 fans targeted by phishing campaign
The link in the email directs unsuspecting victims to a page designed to look like the real Spa Grand Prix portal, but the malicious site instead collects confidential and personal information, including payment information.
Race organizers alerted customers within hours of detecting the phishing attempts, but for many it was too late. The organization also asked its IT security subcontractor to strengthen defenses against future breaches.
One day after the attack, SPA GP also filed a formal complaint with the Belgian cyber police, with plans to pursue a civil claim.
F1 organizers have yet to share many details about the scale of the attack. Ny Breaking has asked the event organizers for more details, but we did not immediately receive a response.
In the meantime, the organization says the ongoing criminal investigation should allow the cause of the attack to be determined.
However, due to concerns over compromised data, customers who have purchased tickets are urged to contact the SPA GP secretariat for assistance. More generally, potential victims can take other proactive measures to protect themselves online, such as regularly changing passwords and monitoring accounts for suspicious activity.