The Medusa ransomware group has claimed a ransomware attack on an Australia-operated digital slots and gaming machine manufacturer.
Ainsworth Game Technology Limited, which operates in Australia, New Zealand, Asia, the US, and Europe, is a manufacturer and supplier of gaming machines that was founded in 1995. Its corporate office is based in NSW, Australia.
On 10 December, the Medusa ransomware gang listed Ainsworth Game Technology on its dark web leak site, claiming to have exfiltrated 852.40 gigabytes of data.
It also posted a sample of the data, which contains alleged business documents and confidential business information, as well as personal employee data including first and last names, dates of birth, email addresses, bank account numbers, tax ID numbers and cards, passports and passport numbers, and more.
The data pertains to Ainsworth operations from all around the world, with a significant portion of the data being Australian.
Medusa has set a countdown timer for the release of the data in two weeks. It has also set the ransom cost at $1.2 million. It is also selling the data for the same price.
Ainsworth Game Technology is yet to publicly acknowledge the incident. Cyber Daily has reached out to the company for more information or a statement but has yet to receive a response.
In September, the Medusa ransomware gang breached the systems of North Sydney-based food and support services company Compass Group.
Medusa said little about the attack, but it claimed to have stolen 785.5 gigabytes of data and threatened to publish it within eight days.
Medusa is demanding US$2 million to delete the data, or the same amount for anyone to purchase it. The ransom deadline can also be extended by one day for US$100,000.
A spokesperson for the company said the malicious intrusion was discovered earlier in September.
“Compass Group Australia became aware of unauthorised activity in part of our IT network on 4 September,” the spokesperson told Cyber Daily.
“We immediately activated our incident response plan. Third-party forensic experts were engaged, and the affected systems were proactively disabled to remove the threat.
“During our investigations, we became aware that some data had been taken from our systems by the unauthorised third party. We are continuing to work closely with our forensic experts to verify what information was compromised as a result of this incident.”
Unfortunately for the company, one of Medusa’s affiliates also targeted the Compass Group just days later.
According to a post made late on the evening of 18 September, an affiliate (it is unknown if it was the same one or a second actor) was able to exfiltrate another tranche of data.
“Our affiliate entered this poor network this morning and messed the computers again!” the post said.