Casinos invest large amounts of money into security and safeguarding of their intellectual property as they have always been the target of criminals since huge amounts of money get traded on the gaming floor and their websites on a daily basis.
Canada’s River Cree and Resort Casino was recently the target of a well-executed cyber-attack that managed to infiltrate the casino’s online security protocols. The casino confirms that the attack resulted in a breach of confidential employee and customer related data.
The Enoch Cree Nation owns the $210 million River Cree and Resort Casino which was opened a decade ago. The GM and COO of the casino Vik Mahajan stated that they discovered the cyber-attack only when their systems experienced downtime last week. It took IT personnel a couple of days to figure out that the system downtime was due to a cyberattack.
The casino is currently in the process of reaching out to all employees and staff whose personal data has been compromised. The casino’s gaming floor did not show any signs of an attack but as of now there is very little information as to who caused the attack and what was the full scale of the attack. Casino management have launched an investigation into the attack and will keep both employees and customers updated on the progress of the investigation.
In a statement, Mahajan said
We feel very confident that we’ve taken all the steps that we need to, to protect all that information from going public. Our customers and our associates, their privacy… is very important to us
River Cree Resort and Casino did not divulge a lot of information to the press as representatives stated that they were not fully aware of the scale of the attack. They did confirm that the casino’s player club members were targeted during the attack and the information compromised includes their full name, date of birth and address. Third party vendors own all of the ATM machines at the River Cree’s hotel and restaurant.
The casino has confirmed that it will look to upgrade its data security measures at the earliest and will now work with U.S. based cybersecurity company Mandiant, the Alberta privacy commissioner’s office and the RCMP to launch a detailed investigation into the attack. The casino has also updated the Alberta Gaming and Liquor Commission. Customers who have any concerns over their privacy are requested to contact River Cree at the earliest.
