Documents Stolen in Cowboys Casino Hack Released A Year Later

Media Division | June 13, 2017

The malicious purposes and intents of hackers can sometimes be a bit confusing or unclear. There have been incidents where data was stolen and yet does not seem to be leaked online or used in any way.  The motive behind a hacker’s actions can range so widely that it is hard to tell what will result from an incident sometimes. This had been the case in an attack last June upon Cowboys Casino in Calgary, but now it seems that the stolen information is finally surfacing.

In June of last year, Cowboys had announced a data breach that had resulted in thousands of documents being stolen. At the time, the casino had sent notifications to more than 14,000 clients, staff, and customers advising them that they could have potentially been affected by the breach. Though, there had been no appearance or use of the stolen documents afterward. Fast forward to today, and those stolen documents are finally showing up online. The documents included information such as gambling habits and payouts, and over the weekend, they had been leaked to a data sharing website called Pastebin. According to experts, it is a matter to be worried about, because the leak includes sensitive information that could be used for identity theft. In fact, reports have said that the leak also included FINTRAC forms, which contain data like addresses, dates of birth, driver’s license numbers, and places of employment. The casino has once again been reaching out to those potentially affected to let them know that their information may have been leaked online.

A Threat of Further Data Dumps

At this point, it appears that the goal of the perpetrators was to get the casino to bolster their security. The hackers have threatened Cowboys with the release of further information next week if they do not make changes to their security. A message left along with the leak said that the casino’s data had been “ripe for the taking,” and that they had previously asked Cowboys to fix their security hole, but were ignored for over a year. They had also stated that the second dump will include sensitive data like disciplinary reports, Triton background checks, payroll information, company emails, and further customer data. The casino said that they had fortified their security since the last attack and this included large upgrades, but this does not appear to be satisfactory to the hackers, being that they are making these new threats. As a further threat, the hackers stated that they will be releasing a new dump every week until “they decide to take this matter seriously!” The casino has been in contact with police in regard to the incident.

Handling Security Incidents with Data Breach Solutions

Incidents like the above are why data breach solutions are so important for an organization to employ. When there has been a successful data breach, an organization needs to be able to quickly remediate and mitigate the situation through several different steps. This includes matters such as patching the immediate security vulnerability, notifying those affected, tracing the source, and eliminating the spread of the data where possible. When data is able to be leaked, it can easily spread all over the web and into the hands of other cyber criminals. The data needs to be tracked online and removed from the various places it could have spread. Massive Alliance offers data breach solutions that can help an organization to mitigate the damage of a data breach, as well as trace and stop the spread.

Massive's Media Division publishes timely news and insights based on current events, trends, and actionable cross-industry expertise.