A notorious ransomware group known as Play Ransomware has claimed responsibility for a cyberattack on Professional’s Choice Sports Medicine Products, a California company that designs equipment for horses and riders. The group posted a listing on its dark web site on November 4, saying it had stolen company data, including payroll records, identification documents, tax files, and financial information.
Professional’s Choice, founded in 1976, produces protective gear and performance products for the equine sports industry. The company has not yet issued any public statement regarding the incident.
Play Ransomware is known for using a double extortion model. Attackers first encrypt company systems and demand a ransom to restore access. They then threaten to release or sell the stolen data unless an additional payment is made. The FBI has previously identified Play Ransomware as being linked to Russian-speaking actors.
Analysts who monitor ransomware activity say Play has listed more than 900 victims across multiple industries. Its targets range from industrial suppliers and healthcare providers to small manufacturers. The group has been active since mid-2022 and is considered one of the more consistent ransomware operations currently active.
The incident at Professional’s Choice highlights how smaller manufacturing and specialty companies remain at risk despite their size. Attackers often target such firms because they may have weaker defenses, limited cybersecurity staffing, and valuable financial or employee data. Even companies that operate in niche markets, such as equine medicine, can attract threat actors seeking quick profits.
Security researchers warn that once a ransomware group claims responsibility, the stolen data should be assumed compromised regardless of whether the ransom is paid. Attackers typically sell or leak the data after negotiations fail, creating long-term risks for both employees and customers.
Experts recommend that companies adopt stronger protection measures such as network segmentation, offline data backups, and regular testing of incident response procedures. Multi-factor authentication, timely software updates, and limited third-party access are also considered essential defenses against ransomware.
Monitoring the dark web for potential leaks and checking for stolen credentials are now standard parts of breach response. Organisations should also conduct forensic reviews to understand how attackers gained access and which systems were affected. Transparency with employees, clients, and partners can help rebuild trust and reduce reputational damage.
While Professional’s Choice has not confirmed the details of the breach, the event illustrates a broader shift in cybercrime. Ransomware groups are no longer focused solely on large corporations or government entities. Instead, they are targeting smaller businesses across supply chains where digital security may be less robust.
For many companies, ransomware is now a matter of business continuity, not just IT risk. The attack on Professional’s Choice serves as a reminder that any organisation handling sensitive data must treat cybersecurity as a central part of its operations.