Ransomware victim disclosure
← All victimsThe Madison Square Garden Company
listed as MSG.COM · Claimed by Clop · listed 8 months ago
Status timeline
- ListedNov 21, 2025
- Data leakeddate unknown
At a glance
- Group
- Clop
- Status
- Data leaked
- Sector
- Hospitality and Tourism
- Listed on leak site
- Nov 21, 2025
About the victim
AI dossier — public-source company profileThe Madison Square Garden Company operates Madison Square Garden, one of the world's most prominent sports and entertainment venues located in New York City. The company owns and operates the arena, which hosts major sporting events (New York Knicks, New York Rangers), concerts, comedy shows, and other large-scale entertainment events.
- Industry
- Sports & Entertainment Venues
- Address
- Madison Square Garden, New York City, New York, USA
- Founded
- 1968
Attack summary
Severity: medium — Confirmed breach and data publication by known ransomware group (Clop) affecting a high-profile entertainment venue; however, no specific sensitive data categories (PII at scale, payment data, etc.) are explicitly confirmed in the available disclosure, and no operational disruption is mentioned.The Clop ransomware group claims to have compromised MSG.com. The post indicates data exfiltration, though specific details about the scope and nature of exfiltrated data are not provided in the available excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- Website data
- Potential customer/ticket holder information
- Event data
Original description
AI-summarised, not from the leak postMSG.com is a website owned by The Madison Square Garden Company, a sports and entertainment company based in the United States. The site features content pertaining to the company's various properties, including the New York Knicks, the New York Rangers, and Madison Square Gardens. It provides news, updates, event schedules, ticket purchasing options, and more.
Sources
Source
Indexed 8 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

