Cyber-Attack Shutters Half of Tasmania’s Casinos

Two of Tasmania's four casinos have been forced to close their doors following a cyber-attack.

Threat actors struck the Australian island state's sole casino operator Federal Group with ransomware on April 3. The attack affected hotel booking systems in the company's Wrest Point and Country Club venues, sited in Sandy Bay and Launceston, respectively.

The venues' slot machines, known as pokies in Tasmania, were also impacted and have been out of service since the attack. 

Federal Group has launched an internal investigation into the attack and recruited third-party cybersecurity experts to help determine the extent of the security incident. 

“As a result of hard work by our team and external experts, including over the Easter long weekend, the immediate incident itself has been contained,” said Federal Group executive director Daniel Hanna. 

“The Australian Cyber Security Centre was notified and is coordinating with relevant law enforcement agencies and continued forensic analysis.”

Federal Group has not indicated when customers can expect normal services to resume. 

ABC News said it had been informed by multiple former Federal Group IT employees that credit card details captured during historic transactions and stored in the company's hotel booking system could have been exposed. 

According to Hanna, the Group is still trying to work out whether any financial data or personal information belonging to customers was compromised in the attack. 

Hanna told ABC that unions and other individuals passing comment on the incident "are not involved in the investigation or appraisal of all relevant information and cannot be relied on to provide accurate information." 

Details of the ransom demanded by the cyber-criminals have not been shared by the Federal Group, nor has the casino operator indicated whether it will be paying up to retrieve its encrypted data. 

Former federal senator and Tasmanian minister Terry Aulich, who now works as a privacy and security consultant, said Tasmania enjoyed a false sense of cybersecurity.

"It's a view we have in Tassie that somehow or other the awful things that go on overseas, whether it's in IT or whatever, that it's not going to happen here in dear little old Tassie. That's entirely untrue."

What’s Hot on Infosecurity Magazine?