Crown Resorts, Australia's largest casino operator, has been targeted by a ransomware group that claims to have accessed some of the company's files following a data breach at its file transfer service, GoAnywhere.
The company confirmed that it has been contacted by the ransomware group but clarified that no customer data had been compromised and business operations had not been affected.
Consequently, Crown has launched an investigation to verify the validity of the ransomware group's claims.
The data breach at GoAnywhere was flagged nearly two months ago by Fortra and has impacted several other organisations, including mining giant Rio Tinto (ASX:RIO) and the University of Melbourne.
The news comes hot on the heels of several other high-profile cybersecurity breaches in the country in the recent past, including the latest at consumer finance firm Latitude Group, where hackers stole nearly 8 million Australian and New Zealand drivers' licence numbers.
Investigating claims
In a statement, Crown spokesperson said: "Crown is one of many organisations who use the third-party file transfer service, GoAnywhere, which has been impacted by a data breach globally.
“We were recently contacted by a ransomware group who claimed they have illegally obtained a limited number of Crown files.
“We can confirm no customer data has been compromised and our business operations have not been impacted.
"We are investigating the validity of this claim as a matter of priority."
Established ransomware group
Ransomware group Cl0p has claimed responsibility for a January 2023 attack on Fortra's GoAnywhere managed file transfer tool, compromising data from several organisations.
Last week, Cl0p began posting details about Crown Resorts on the dark web, which was one of the 100 entities that received ransomware demands in March stemming from the GoAnywhere attack.
Cl0p, also known as TA505 and FIN11, is an established ransomware gang that has previously targeted Shell (LON:RDSa), Qualys, the Reserve Bank of New Zealand, Stanford University and the UK Police National Computer Database, among others.
Six members were arrested in late 2021, but the group returned to business within six months.
Reports suggest that Cl0p has extracted US$500 million from entities over the last five years.