Aristocrat, a global gaming content and technology company, has been hit by a data breach after falling prey to a cyber attack.
Following a previous extortion attempt in June, hackers managed to access and extract sensitive information, including employee data, from the company’s servers.
Now, the gaming giant has officially confirmed the Aristocrat data breach and provided updates on their response to the incident.
According to the company’s report, while the data breach will not have a widespread impact on the business, investigations are ongoing to address the concerns of users and stakeholders.
“Aristocrat has completed its risk assessment of any potential impact to its business arising from this incident. Based on the information available as of this date, Aristocrat expects low business impact with the execution of an appropriate risk management and mitigation plan,” read the statement on the Aristocrat data breach.
“We will continue to manage this incident proactively and comprehensively, in the best interests of our people, business, and other stakeholders”, the report further stated.
Aristocrat data breach and MoveIT vulnerability
The Aristocrat data breach exposed an ongoing vulnerability as cybercriminals exploited a previous zero-day vulnerability in third-party file-sharing software, MOVEit.
This allowed the attackers to access and extract sensitive data from the company’s servers, including personal information belonging to Aristocrat employees.
The Aristocrat data breach is believed to be executed by a notorious hacker group that previously targeted big corporations using the MoveIT vulnerability.
Once the company learnt about the Aristocrat data breach, they took immediate action to contain the breach, address the MoveIT vulnerability, and initiate remedial measures.
Aristocrat has also collaborated with law enforcement agencies and regulatory bodies, ensuring that the appropriate authorities were notified and engaged in the investigation process.
To mitigate the fallout from the Aristocrat data breach, the gaming giant employed independent security experts to assess the extent of the breach, identify the data that had been compromised, and implement necessary mitigations.
The gaming industry is under siege
The Aristocrat data breach is just one instance in a series of breaches targeting the gaming industry. With its vast digital infrastructure and valuable assets, this sector has become a prime target for hackers.
The gaming industry has experienced ransomware attacks in addition to the ongoing piracy wars and hacktivism.
Hackers have been increasingly targeting gaming companies, drawn by two primary objectives within this industry, according to SOCRadar.
Firstly, they aim to gain access to valuable assets, such as video game source codes, employee data, and development kits for highly anticipated upcoming games.
The second reason is that the games usually have a lot of data and virtual assets, including credentials, credit card information, messages, contacts, prizes, coupons, and much more.
These are some of the things gamers earn while investing their time and money into the game. Direct access to this information will result in profits for the hackers, who can sell the in-game assets and use the credit card information to steal money from the victims.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.