The attack occurred on 1 June, when a hacker gained access to an Aristocrat server. The hackers exploited a newly identified vulnerability in MOVEit – third-party file sharing software used by the business. Aristocrat has taken several steps in response, including containing the incident, addressing the vulnerability with MOVEit, and notifying law enforcement and regulatory authorities. They are working with experts to determine the extent of the data breach and have offered complimentary credit monitoring and identity theft protection for all staff. Aristocrat assesses the potential impact to its business as low, with the implementation of a risk management and mitigation plan. They emphasize their commitment to privacy and security and vow to proactively manage the incident.
This attack is not unique to Aristocrat, as other gaming businesses have also fallen victim to similar attacks. In a previous incident, certain DraftKings customer accounts were compromised, resulting in the loss of €300,000. Additionally, the hack rendered customers’ two-factor authentication useless by changing their phone numbers. Cybersecurity experts in the industry stress the need for proactive measures to protect financial security.