Chavdar Vasilev is a journalist covering the casino and sports betting market sectors for CasinoBeats. He joined CasinoBeats in May 2025 and reports on industry-shaping stories across the US and beyond, including legislative debates, market...
Read Full BioBragg Gaming Group has become the latest gambling operator to face a cybersecurity breach. However, the company insists that its operations remain unaffected, and no customer information has been compromised, an outcome far less damaging than other recent attacks in the sector.
Bragg Says Operations Remain Unaffected
Bragg issued a press release, confirming that it suffered a cybersecurity incident on the morning of August 16. The company states that it took immediate steps to mitigate any potential impact and has recruited independent cybersecurity experts to assist in addressing the matter.
According to its preliminary investigations, Bragg believes the data breach only affected the internal computer environment. Currently, it states that there’s no indication that personal information was compromised, and it can continue its operations without disruption.
The company stated that updates will be published through its corporate website, stressing transparency as investigations continue.
A Pattern of Costly Cyberattacks in Gaming
Cyberattacks in the gambling industry are not uncommon, with several high-profile cases in recent years showing the scale of the threat.
In September 2023, MGM Resorts shut down some systems after a ransomware cyberattack. The disruptions affected the casino floor, hotel room access and reservations, website access, and more.
The disruptions lasted over a week, and later MGM revealed it had cost the company over $100 million in lost profits.
That same month, Caesars Entertainment revealed in an SEC filing that it had suffered a similar cyberattack. However, unlike MGM, Caesars reportedly paid the attackers a $15 million ransom.
The same year, a cyberattack shut down all 14 Gateway casinos in Ontario, while an attack on Everi Holdings in New York shut down Jake’s 58 casino.
More recently, in April 2025, Jackpot Junction Casino Hotel in Minnesota fell victim to an attack.
Online gambling platforms have also been victims. In 2022, attackers went after DraftKings, BetMGM, WSOP, and FanDuel, stealing account credentials and draining customer funds.
Even this month, outside the US, Flutter Entertainment’s Paddy Power and Betfair suffered an attack that compromised client data.
Who Might Be Behind the Attack?
While Bragg has not disclosed any suspected perpetrators, cybercrime groups such as Scattered Spider and the Lazarus Group have repeatedly targeted companies across the finance, entertainment, and gaming sectors.
Scattered Spider, which was behind the MGM and Caesars attacks, is notorious for its social engineering use. The hackers convince IT staff to reset access credentials, thereby granting unauthorized access.
The group has suffered a series of arrests. Authorities detained a suspected ringleader in Spain in 2024, another member in Florida that same year, and four more individuals in the UK in July 2025—bringing the total to six.
Meanwhile, Lazarus Group, a North Korean state-backed operation, has stolen billions in crypto and has attacked gambling platforms in the past to raise hard currency. In 2023, it syphoned over $41 million from crypto-casino Stake. Some of the hackers’ biggest hits include:
- $625 million Axie Infinity’s Ronin Network
- $100 million Harmony’s Horizon Bridge
- $100 million Bangladesh Bank attack
- $100 million from Atomic Wallet
- $60 million from Alphapo (crypto payment processor) and CoinsPad (crypto exchange)
Recently, an Ottawa-based security provider linked Lazarus to a Zoom-themed attack on an unnamed Canadian gambling provider.
