Russian hackers leak Crown data on web
Employee attendance records and customer member numbers have been leaked on to the dark web as a Russian cyber gang tries to extort Crown resorts into paying a ransom.
Employee attendance records and customer member numbers have been leaked on to the dark web as a Russian cyber gang tries to extort Crown resorts into paying a ransom.
Ransomware gang Cl0P uploaded a small number of files, boasting it had obtained data including reports from casino “slot machine’’ and employee IDs.
The leak came on the same day the Tasmanian government warned people to monitor their bank accounts for suspicious activity after the same gang managed to hack the Department of Education’s financial data, potentially compromising names, addresses and bank account details.
The hacks, along with similar attacks on Rio Tinto, Service-Stream and the University of Melbourne, were carried out when the hackers compromised the systems of GoAnywhere, a third-party software program used by large institutions and companies to transfer data.
“The company doesn’t care about its customers, it ignored their security!!!,’’ the gang posted, claiming it had obtained files including “reports with employee ID, reports from casino slot machines (player ID, date, how much played), game ID, how much won/lost.’’
It also claimed it had obtained “files with employee data, salary, hours of operation, etc.’’
It is believed that the attendance records relate to past and current Crown employees in Sydney, but do not include any bank names, pay slip, BSB or tax identification details. The membership numbers are a series of numbers only, and contain no personal customer information.
A Crown resorts spokesman said the ransomware gang had contacted them claiming to have obtained a limited number of files through GoAnywhere.
“A small number of files have been released on the dark web, including employee time and attendance records and some membership numbers from Crown Sydney,’’ he said. “We can confirm that no personal information of customers has been compromised as part of this breach.
“We are proactively notifying all impacted individuals and are updating membership numbers of those affected out of an abundance of caution. Crown continues to work with law enforcement and our regulators in relation to this cybercrime.”
The Tasmanian government appears to be the only Australian government organisation caught up in the leak from GoAnywhere, a service provided by cyber security company Fortra, which discovered the hack on January 30.
Tasmanian Science and Technology Minister Madeleine Ogilvie said investigations had shown that financial data from the Department of Education, Children and Young People may have been obtained in the global hack.
“The sort of information that may have been released in that area includes names, addresses, invoices, and bank account numbers,’’ she said. “The government is working with the Australian Cyber Security Centre.”
More Coverage
‘We need Chinese EVs’ to combat climate change: Uber
The ride sharing giant is partnering with Chinese electric vehicle maker BYD to make EVs more affordable and says high tariffs and US-style bans are not helpful in combating climate change.
Uber urges Aussies to give up second car to fight climate change
Ride share giant Uber says transitioning to EVs is not enough to slash automotive emissions and congestion as it urges Australians to consider giving up their second car.