28 April 2023
Crown Resorts’ data breach: What you need to know
Crown Resorts, the largest Australian gambling company, recently revealed that a small number of internal files were released on the dark web. This data breach occurred through the popular file transfer service, GoAnyware, which was operating with a zero-day remote code injection exploit that was exploited by cybercriminals, according to well-known cybercrime investigative journalist Brian Krebs. As a result, Crown Resorts temporarily shut down the service to prevent further damage.
While the Blackstone-owned casino operator was notified by a ransomware group that claimed to have possession of some of Crown’s files on March 27, the company confirmed that no customer data was compromised and that its operations were not impacted. Crown Resorts is collaborating with law enforcement agencies and gaming regulators as part of an ongoing investigation into cybercrime, according to a spokesperson.
Crown confirmed on April 5 that a small number of files, including employee time and attendance records, and membership numbers from Crown Sydney, were released on the dark web, but it reiterated that no personal information of customers was compromised in the data breach. Furthermore, the company emphasized that the released files did not include bank names, tax IDs, BSB, or payslip information. Crown Resorts is currently proactively notifying all affected individuals and updating membership numbers as a precautionary measure while working closely with law enforcement agencies and regulators in relation to cybercrime.