Crown Resorts has confirmed it’s investigating a possible information breach after a ransomware gang claimed it had accessed the corporate’s information.
In an announcement posted on its web site on Monday, Crown mentioned it had notified legislation enforcement of the potential breach.
“Crown is one of many organisations who use the third-party file transfer service, GoAnywhere, which has been impacted by a data breach globally,” the assertion mentioned.
“We were recently contacted by a ransomware group who claim they have illegally obtained a limited number of Crown files.
“We are investigating the validity of this declare as a matter of precedence.”
Crown is the latest in a growing list of companies targeted by a ransomware gang that exploited a weakness in GoAnywhere’s file transfer software.
“We can affirm no buyer information has been compromised and our business operations haven’t been impacted,” a Crown consultant mentioned.
“We are persevering with to work with legislation enforcement and have notified our gaming regulators as a part of the continued investigation and can present related updates, as mandatory.”
A host of global firms and government institutions have reported cybersecurity incidents linked to GoAnywhere – a managed file transfer (MFT) software offered by United States cybersecurity firm Fortra – in the past few weeks.
The personal data of mining giant Rio Tinto Ltd’s former and current Australian employees was also targeted by the cybercriminal group.
Rio Tinto payroll information, such as pay slips and overpayment letters of a small number of employees from January 2023, was possibly seized by the group, a staff memo cited last week by Reuters said.
Rio Tinto said the cybercriminal group had threatened to release the data onto the dark web.
“To date, not one of the data described above have been launched and we nonetheless have no idea if the cybercriminal group holds these data or not,” the staff memo said.
Hitachi Energy, a unit of Japanese conglomerate Hitachi, said last week a ransomware attack by the “CL0P” group on GoAnywhere could have resulted in unauthorised access to employee data in some countries.
File-sharing software has historically been a target for cybercriminals.
Back in 2021, vulnerabilities in the servers of California-based Accellion were exploited by the CL0P group, leading to data breaches in Morgan Stanley, Kroger Co, the Reserve Bank of New Zealand and other high-profile institutions.
with Reuters
Source: www.perthnow.com.au
