Cyber Incident Victim: Professional Golfers' Association of America
Date: Aug 2018
Location: United States of America
Summary
Hackers compromised the PGA of America's servers, encrypting critical files containing promotional materials, banners, and logos for an ongoing major championship and an upcoming international team event, including irreplaceable developmental work for future tournaments. The attackers demanded a Bitcoin ransom, providing a wallet address and offering to decrypt sample files as proof of capability, but did not specify an amount. The organization refused to pay, engaged external IT experts to restore systems, and confirmed the incident had not disrupted tournament operations while recovery efforts continued. Staff discovered the breach upon encountering a message warning that decryption attempts could permanently destroy files.
Description
On August 7, 2018, PGA of America staff discovered their computer systems had been compromised when attempting to access files related to the ongoing PGA Championship at Bellerive Country Club and the upcoming Ryder Cup in France. A message displayed on their screens stated, “Your network has been penetrated. All files on each host in the network have been encrypted with a strong algorythm [sic].” The hackers warned that decryption attempts could result in permanent data loss, explicitly noting, “This may lead to the impossibility of recovery of certain files.” The encrypted materials included critical creative assets such as promotional banners, logos for digital and print communications, on-site digital signage, and developmental work for future PGA Championships. Some affected files represented over a year of irreplaceable design efforts that could not be readily recreated. The breach specifically targeted servers storing tournament operational and marketing data, though competition systems remained unaffected.

The attackers provided an encrypted email address for communication, offering to decrypt two sample files as proof of their capability to restore data. They included a Bitcoin wallet identifier for ransom payment but did not specify a monetary amount. PGA of America officials, through an anonymous source, stated they would not comply with extortion demands. Internal IT teams worked to regain control of the servers but had not fully restored access or identified the intrusion source by August 8. External cybersecurity experts were engaged to safeguard tournament operations, with no reported disruption to the PGA Championship events. The organization declined public comment, citing the ongoing investigation. Losses were confined to creative assets rather than financial or fan data systems.
