Perceptive Security
SOC/SIEM Consultancy
England Hockey investigating ransomware data breach
Published:
12 March 2026 at 20:37:16
Alert date:
12 March 2026 at 21:01:52
Source:
bleepingcomputer.com
Ransomware & Malware, Data Breach & Exfiltration
England Hockey, the governing body for field hockey in England, is investigating a potential data breach after the AiLock ransomware gang listed it as a victim on its data leak site. The organization is working to determine the scope of compromised data and implement appropriate response measures. This incident represents another example of ransomware groups targeting sports organizations and their sensitive member and operational data.
Technical details
AiLock ransomware uses ChaCha20 and NTRUEncrypt encryption methods to lock files, appends .AILock extension to encrypted files, and leaves ransom notes in all impacted directories. The threat actor engages in double-extortion attacks and uses privacy law violations as leverage in negotiations. They give victims 72 hours to respond and 5 days for payment under threat of leaking stolen data and destroying recovery tools.
Mitigation steps:
Players should be vigilant for suspicious account activity and phishing attempts, and treat unsolicited communications with caution. England Hockey is working with external specialists and cooperating with relevant authorities including law enforcement.
Affected products:
England Hockey systems
Related links:
https://www.zscaler.com/cxorevolutionaries/insights/cxo-monthly-roundup-march-2025-ai-security-report-coffeeloader-analysis-and-more
https://medium.com/s2wblog/detailed-analysis-of-ailock-ransomware-1d3263beff15
Related CVE's:
Related threat actors:
IOC's:
.AILock file extension
This article was created with the assistance of AI technology by Perceptive.