Crown Resorts has reported a ransomware group has allegedly gotten access to part of its files during GoAnywhere transfer.
The leading entertainment group, operator, and developer of integrated resorts from the land Down Under has announced that a ransomware group had reached out to them with claims of accessing “a limited number of Crown files”.
The incident occurred during a file transfer procedure via the GoAnywhere platform. The latter offers managed file transfer software provided by US-based cybersecurity company Fortra.
No Customer Data Was Been Comprised
According to a Crown Resorts spokesperson, the company’s operations have not suffered any impact as a result of the data breach. At the same time, there were no customer data breaches reported.
The group that owns Crown Melbourne, Crown Perth, Crown Sydney, and Crown London Apinalls further explained that an investigation into the claims of the ransomware group and the truth behind them has been initiated.
The spokesperson added that the group has already notified its gaming regulators and that it will continue to offer “relevant updates” while expressing the intention to collaborate with law enforcement.
The suspicious activity at the file transfer platform was originally identified and reported by Fortra, almost two months ago. A number of other groups and companies were allegedly impacted as a result of the same breach, including mining company Rio Tinto.
While the ransomware group threatened they would release the stolen Rio Tinto data including payroll information of a limited number of employees onto the dark web, this has not yet occurred.
Similar to Crown Resorts, the mining giant is still investigating the truthfulness behind the cybercriminal group’s claims. So far, the leading global mining group with a focus on mining and processing mineral resources has found an indication of a “possibility that Rio Tinto data may be impacted”.
At the end of November 2023, Crown Resorts released the results for the financial year up to June 30, marking AU$945 million ($633 million) in losses.
Rising Number of Cybersecurity Breaches
In recent weeks, an increasing number of international companies and government institutions have reported similar data breach incidents in connection to the same GoAnywhere platform.
Among them, we can mention Hitachi Energy, Hitachi’s Japanese unit that also reported a ransomware attack by a cybercriminal group called “CL0P”. The attack resulted in cybercriminals getting unauthorized access to their employees’ data in some countries.
The same CL0P group also explored the security vulnerabilities in the servers belonging to California-based Accellion in 2021. This resulted in a number of data breaches in several important institutions including the Reserve Bank of New Zealand, Morgan Stanley, and Kroger Co.
US exchange Community Health Systems also confirmed that the personal and medical data of around one million individuals may have been subject to a security breach in relation to the same Fortra-owned managed file transfer software.