Crown Resorts investigating the validity of data breach claims

Crown Resorts has become one of a number of organisations that utilises third-party file transfer service GoAnywhere to have confirmed that it has been impacted by a global data breach.

Initially established in early February, a number of organisations subsequently noted impacts after Fortra’s GoAnywhere managed file transfer software was hit.

This led to the Australia casino and entertainment operator confirming that it was contacted by a ransomware group who claimed that they “have illegally obtained a limited number of Crown files”.

However, the group noted that it is investigating the claim’s validity, as well as working with the relevant authorities and gaming regulators. 

Specialist news sites have revealed that the incident has already impacted energy giant Hitachi Energy, brand retailer Saks Fifth Avenue, American education platform Pluralsight, consumer goods giant Procter & Gamble, mining company Rio Tinto, the UK’s Pension Protection Fund, cybersecurity firm Rubrik, and healthcare provider Community Health Systems.

Furthermore, the city of Toronto also issued a statement confirming that unauthorised access to data had occurred through a third party vendor, but was keen to note that this was “limited to files that were unable to be processed through the third party secure file transfer system”.

The Crown Resorts statement in full, read: “We were recently contacted by a ransomware group who claim they have illegally obtained a limited number of Crown files. We are investigating the validity of this claim as a matter of priority.

“We can confirm no customer data has been compromised and our business operations have not been impacted.

“We are continuing to work with law enforcement and have notified our gaming regulators as part of the ongoing investigation and will provide relevant updates, as necessary.”