Crown Resorts, Australia’s largest games and entertainment company, has confirmed it suffered a data breach after its GoAnywhere secure file-sharing server was hacked using a zero-day vulnerability.

The Blackstone-owned company has annual sales of over $8 billion and operates resorts in Melbourne, Perth, Sydney, Macau and London.

This data breach was carried out by the Clop ransomware gang, which over the past year has gone from encrypting files to carrying out data extortion attacks.

In February, threat actors claimed to have stolen data from 130 organizations for ten days using a GoAnywhere zero-day vulnerability.

Although Crown Resorts has confirmed that it was extorted by Clop, who claims to have stolen data from its networks, it says there is no evidence the data breach affected customers.

“We have recently been contacted by a ransomware group claiming to have illegally obtained a limited number of Crown Files,” reads the company statement.

“We are investigating the validity of this claim on a priority basis. We can confirm that no customer data has been compromised and our business operations have not been impacted.”

The gaming and entertainment company said it will continue to work with law enforcement to further investigate the security incident and provide updates if new evidence emerges.

Crown Resorts is the latest in a long line of victims who have admitted to being affected by GoAnywhere breaches, including CHS, hatch bank, rubricTHE City of Toronto, Hitachi Energy, Procter & GambleAnd Saks Fifth Avenue.

Clop is still extorting victims by threatening to leak the data he stole from their networks, but has yet to leak anything on his data leak site.

Clop claiming Crown Resorts as a victim
Clop claiming Crown Resorts as a victim
Source: BleepingComputer

Meanwhile, GoAnywhere software provider Fortra is already facing the prospect of a class action in the United States, accused of not having put in place adequate cybersecurity measures to protect the private data stored in its network.

Although Fortra offered complainant, a Hatch Bank client, one year of free identity monitoring and fraud protection services, the gesture is dismissed as insufficient to mitigate the lifetime risk of personal data exposure .

The Clop ransomware gang has a history of exploiting zero-day flaws to steal data from companies and carry out massive waves of extortion.

In December 2020, the gang used a zero-day flaw in Accellion FTA to compromise more than a hundred companies, including Shell, Kroger, Qualys and several universities, demanding $10,000,000 in extortion demands.



Source link