SONOMA, Calif. -- The Circle Sport-Leavine Family Racing team nearly had no setup notes for the race in Texas earlier this year for a reason few teams could fathom.
Crew Chief David Winston's laptop was hacked the Tuesday before the race. He couldn't unlock any of his thousands of files. Setup notes. Tire notes. Everything. And he hadn't backed up the computer recently enough to have them to move them to another machine.
But he could get access to the files back -- for a price. The team said it was a victim of a ransomware attack and paid $500 (in bitcoin) to get the "key" to unlock the files. They actually had to go to a bitcoin ATM in the Charlotte area to make the transaction.
"They wanted the bitcoin in 24 hours -- there's a bitcoin ATM machine [in Charlotte]," said team vice president Jeremy Lange. "If we were in a race track, trying to find a bitcoin machine is impossible. You can buy it online, but it takes two or three days for it to process. If we were at a race track, we would have been done."
Lange said did not tell authorities about the hack considering it was only $500 and it got the data back within 24 hours.
Plus, the team has now since employed additional security -- and also obtained a little bit of sponsorship along the way from Malwarebytes to make sure it doesn't happen again. The company is an associate sponsor this week and likely will have at least two primary race sponsorships for driver Michael McDowell.
Lange said the Malwarebytes people investigating the ransomware hack believe it originated most likely in Russia, China or Japan. They will not be able to pinpoint who was behind it and Lange said it is his understanding no perpetrator has been caught in these schemes.
NASCAR said teams have not told it of any ransomware issues and Lange said he had not heard of any other Sprint Cup team being subjected. He said he didn't think Winston's laptop was targeted because of what he did (in part because the team likely would have considered paying much more than $500 to be able to unlock the files). The team estimated the value of the data as $2 million and to recreate it would have taken nearly 1,500 man hours.
"The data that they were threatening to take from us was priceless, we couldn't go one day without it greatly impacting the team's future success," Winston said.
Lange said the files could not be accessed by the hacker -- just that the files were locked. They realized the issue when files were starting to appear in their Dropbox that weren't supposed to be in there.
For $500, it was in some ways a good lesson.
"We were able to get it back within 24 hours of the hack," Lange said. "At the end of the day it wasn't important to know where it came from, it was more important to get the data back and protect ourselves moving forward."