Russian ransomware hackers Cl0p send Crown ransom demand
Crown has confirmed it is investigating a potential data breach after the ransomware gang Cl0p posted on the dark web that it had hacked the Australian gambling giant.
Crown has been hit with a ransom demand by a Russian cyber gang that claims to have hacked the Australian gambling giant.
The company has confirmed it is investigating a potential data breach after the ransomware gang Cl0p posted on the dark web that it had accessed the company’s data.
the Melbourne-headquartered casino and resort company has alerted police and the gambling regulator as it works to determine what data may have been compromised.
The University of Melbourne also confirmed it may have fallen victim to the gang, although any data lost was limited to cost codes, which track expenditure, and did not contain any personal or sensitive data
The companies appears to be one of at least 130 firms compromised by Cl0p, which exploited a weakness in the third party GoAnywhere file transfer software a number of large companies use.
The mass data breach occurred in late January and affected companies including Rio Tinto in Australia and global conglomerate Proctor & Gamble.
“Crown is one of many organisations who use the third-party file transfer service GoAnywhere, which has been impacted by a data breach globally,” a spokesman told The Australian.
“We were recently contacted by a ransomware group who claim they have illegally obtained a limited number of Crown files.
“We are investigating the validity of this claim as a matter of priority.
“We can confirm no customer data has been compromised and our business operations have not been impacted.
“We are continuing to work with law enforcement and have notified our gaming regulators as part of the ongoing investigation and will provide relevant updates, as necessary.”
GoAnywhere is a supposedly secure file transfer system supplied by US cyber firm Fortra to allow clients to transfer sensitive files securely via the internet.
The hack has affected companies across the globe, including the movie company Cinemax and the City or Toronto in Canada.
Rio has said some private staff data may have been compromised.
The University of Melbourne confirmed it was aware it had potentially lost data through the GoAnywhere breach.
“Recently, a third-party software provider to the University of Melbourne, FORTRA GoAnywhere MFT was the victim of a cyber-attack,” a university spokesman said.
“On 21 March, the University of Melbourne’s cyber security team intercepted an email from a threat actor claiming to have stolen University data from GoAnywhere MFT.
“As soon as the University became aware of the email, the University’s cyber security team took immediate action.
“The compromised system was taken offline and external forensic analysts began investigating the incident and further strengthening the University’s security controls.
“At this stage, our investigation shows that cost codes used to pay University accounts may have been stolen. These cost codes do not contain personal or sensitive information.
“If the cost codes have been stolen it won’t affect the university’s operations.
“As the university’s investigation continues and more information is known, further updates will be provided. This advice is being provided as part of the University’s proactive commitment to transparency regarding cyber security incidents.
“The university has notified the Australian Cyber Security Centre about the incident.”
More Coverage
Marked down, try harder: Australian universities slip in global rankings
Which are Australia’s best universities? The Times Higher Education world university rankings reveal the top performers.
Albanese apologises for ‘unkind’ Tourette slur in parliament
The PM has issued an apology to disabled Australians after being slammed for using Tourette syndrome to mock shadow treasurer Angus Taylor. Meanwhile Question Time has begun early ahead of the PM's trip to Laos | WATCH IT LIVE