Crown Resorts has confirmed that a “small number of files” have been released on the dark web after being contacted by a ransomware group that claimed to have obtained a limited number of documents through GoAnywhere.
Last month, the Australia casino and entertainment operator confirmed communication with a collective that claimed to “have illegally obtained a limited number of Crown files”.
However, it was noted that immediate attention was to be placed on investigating the claim’s validity, as well as working with the relevant authorities and gaming regulators.
Initially established in early February, a number of organisations have confirmed impacts after Fortra’s third-party file transfer service GoAnywhere was impacted by a global data breach.
“We can confirm no customer data has been compromised and our business operations have not been impacted,” a Crown Resorts spokesperson said last month.
Offering an update on the data breach, the company has now confirmed that a limited number of files have been released on the dark web.
This includes employee time and attendance records and some membership numbers from Crown Sydney, however, Crown moved to ease any further potential fears by adding that no personal information of customers had been compromised as part of the breach.
“We are proactively notifying all impacted individuals and are updating membership numbers of those affected out of an abundance of caution. Crown continues to work with law enforcement and our regulators in relation to this cybercrime,” a group spokesperson noted.
