Aristocrat Leisure revealed that it was the victim of a cyber attack earlier this year. A hacker stole employee data and information.
Hackers gained access to Aristocrat’s server on the 1st of June. Since then, criminals published online extracts from this data.
Aristocrat stated that hackers were exploiting a recently identified vulnerability within MOVEit, a third-party software for file-sharing used by Aristocrat.
Aristocrat responded by taking a variety of measures, including the containment of the incident as well as addressing MOVEit’s vulnerability. It also informed the appropriate gaming, law enforcement and regulatory agencies.
The other actions are to work with experts and determine the data that was stolen, and offer all employees complimentary identity theft and credit monitoring protection.
Aristocrat said that they have completed an assessment of potential impacts to their business. The company expects a low impact on its business, if it implements a risk mitigation and management plan.
The company stated that “Aristocrat adheres to high standards of probity and privacy, and treats all data security and privacy seriously.”
We will manage this incident in a proactive and comprehensive manner, for the benefit of our employees, businesses and stakeholders.
Untraceable items can be traced
This is not the first time that a gaming company has been attacked. An attack in November of last year on DraftKings affected EUR300,000.
Hackers also changed the phone numbers of customers’ to make their two-factor authentication useless.
Earlier in the year, iGB interviewed a variety of cybersecurity experts about the threats that such attacks pose to the industry.
Zac Cutler, from Paysafe, and Leon Allen from Continent 8, said that the financial industry needs to be one step ahead of threats.