Cyber Incident Victim: Events DC

Events DC, the official convention and sports authority for Washington, DC, experienced a cyberattack affecting portions of its network, detected on or around October 28, 2022. The organization responded by swiftly implementing containment measures to curtail the attack’s progression. It engaged a leading data forensics firm to conduct a detailed investigation and notified law enforcement authorities. Events DC emphasized its commitment to protecting entrusted information and prioritized maintaining operational continuity for its workforce to minimize disruption to customer and stakeholder services. Preliminary findings from the forensic investigation indicated potential compromise of sensitive employee information, though the specific data types, volume of affected individuals, and intrusion methods were not disclosed. The attack’s duration, initial attack vector, and whether data exfiltration occurred remained under investigation at the time of the statement.

Events DC proactively communicated with all employees regarding the incident and offered complimentary credit protection services to current staff as a precautionary measure. The organization planned to issue individual notifications to impacted employees following the completion of further investigative steps. No evidence suggested customer or public data compromise, as the confirmed impact centered on employee information. Events DC acknowledged the ongoing nature of its forensic review and expressed appreciation for stakeholder patience and cooperation throughout the response process. The statement did not attribute responsibility to any threat actor group or disclose whether ransomware or extortion tactics were involved. Operational impacts on Events DC’s venues, including the Walter E. Washington Convention Center and RFK Stadium-Armory Campus, were not detailed in the public update.