Cyber Incident Victim: ASVEL
Date:
Oct 2023
Location:
France
Summary
A French basketball club was targeted by the NoEscape ransomware group, resulting in the theft of approximately 32 gigabytes of sensitive data including players' personal identification documents, financial records, contracts, and confidential agreements. The attackers compromised the organization alongside 53 other entities, demanding ransoms ranging from hundreds of thousands to millions of dollars, though the specific breach mechanism remains unconfirmed. The victim organization has not issued any official statements regarding the incident.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 2 techniques |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On or around October 1, 2023, the French basketball club ASVEL fell victim to a cyberattack conducted by the threat actor group NoEscape. The breach resulted in the theft of approximately 32 gigabytes of sensitive organizational and personnel data, including players' personal information, passport copies, national identity cards, financial documents, contractual agreements, non-disclosure agreements (NDAs), and other classified materials. The exact attack vector remained unspecified in initial reports, with no technical details disclosed regarding infiltration methods or compromised systems. NoEscape, identified as the perpetrator, claimed responsibility for the intrusion as part of a broader campaign targeting 54 organizations across multiple sectors. The group typically demanded ransom payments ranging from several hundred thousand to millions of dollars per victim, though ASVEL’s specific ransom demands were not publicly confirmed. The incident surfaced publicly on October 1st as the club prepared for its first EuroLeague home game of the season, though forensic evidence suggested the breach may have occurred earlier.
The theft exposed highly sensitive player and organizational assets, creating immediate operational and reputational risks during a critical competitive period. Despite the severity of the compromise, ASVEL had not issued any official statements regarding incident response measures, forensic investigations, or communications with affected personnel by the time of reporting. Cybersecurity outlet Cybernews verified the breach’s scope but provided no additional details about containment, remediation efforts, or data recovery. NoEscape’s involvement aligned with their established pattern of multi-sector targeting and extortion tactics, though no explicit threats or deadlines against ASVEL were documented in initial disclosures. The attack underscored vulnerabilities in sports organizations’ data protection frameworks while disrupting team operations ahead of a major international competition.