In the digital age, online casinos have significantly transformed the gambling landscape. With the allure of convenience and a wide array of games such as online slots, blackjack, and roulette, these platforms have attracted a massive user base. However, their increasing popularity has also made them prime targets for cyber threats. Every day, these virtual gaming arenas face a barrage of hacking attempts, with some attackers successfully breaching their defenses. This article delves into the world of cyber threats in the casino industry, shedding light on some of the most significant hacking attacks that have rocked these digital gambling platforms.

DDoS attack on William Hill

In 2016, William Hill was the victim of a distributed denial of service assault, which occurs when a website is overloaded with traffic, locking users out of the system and preventing it from functioning normally. This incident had a major detrimental effect on the business since many users were unable to place bets during the 2015–2016 UEFA Champions League football matches, notably those involving Arsenal and Manchester City. William Hill was able to promptly return to work, but the damage to the business's money and reputation was irreversible. William Hill reportedly suffered losses of over £4.4 million as a result of this 24-hour interruption. William Hill improved their security posture shortly after this incident by moving to the AWS cloud environment.

Leak of information from SuperCasino customers

SuperCasino, a well-known gaming website, experienced a data breach in the early months of 2020 that revealed private client information. The website notified several registered users via email of the breach and how to prevent future losses, which is how this incident came to light. The company clearly states that all financial data supplied by users, including credit card numbers, payment passwords, and other important documents, was safeguarded and untouched by the hack. They made it quite evident that the user password issue was the same. Although they were not compromised, users were recommended to modify them in order to enhance their security.

The only information compromised during the hack was that of customers, including names, usernames, dates of registration, phone numbers, email addresses, and other irrelevant or non-useful information for internal operations. SuperCasino was forced to issue a statement in order to reassure its patrons that there was nothing to be concerned about. However, in order to shield them from attacks by credential-stuffing attackers, they requested that the impacted clients must update their login information. Apart from its users and reputation, the corporation did not suffer much harm.

Clubillion data leak

Clubillion, the most popular club gaming software for Android (News - Alert) and iOS, exposed millions of users' personal information and daily activities through a misconfigured Elasticsearch data collection that was accessible to outsiders. Specialists Noam Rotem and Ran Locar at vpnMentor discovered the massive data leak. They discovered that the unearthed data set, hosted on AWS, includes specialized logs for a vast number of Clubillion clients worldwide. The custom data set, which was built around an Elasticsearch motor, was configured to hold daily action logs from applications running on iOS and Android devices. It was updated with up to 200 million records every day, taking up 50GB of storage space.

The daily movement logs comprised Personally Identifiable Information (PII), together with client activity records, which include things like entering a game, winning, losing, amending a record, and establishing a record, as well as IP addresses, email addresses, private messages, and rewards. Numerous people around Europe use Clubillion, according to the experts. On average, there are 2,475 daily dynamic clients in the UK, 1,582 in Germany, 1,650 in France, 2,407 in Italy, and 1,026 daily dynamic clients in Spain.

Clubillion's iOS and Android applications also boasted more than 10,000 active daily users in the United States, 7,792 in Canada, 6,251 in Australia, and a plethora of users from countries such as Uzbekistan, India, Poland, Romania, Vietnam, Lebanon, Indonesia, the Philippines, Pakistan, Thailand, Austria, Hungary, and Latvia. Taking everything into account, the unearthed data set disclosed the daily activity logs of people from all around the world.

Security scientists discovered the data set on March 19, and it was finally closed on April 5 after the researchers contacted AWS after failing to receive a response from the application's engineers.

Federal Group ransomware attack

The well-known Tasmanian casino operator admitted that it had been the victim of a hack that led to issues with its slot machines and complicated hotel bookings for other customers. Executive director of Federal Group, asserted that the attack was made feasible by some form of ransomware. After a number of employees reported receiving emails requesting payment in cryptocurrency, word of the ransomware attack spread. For several weeks, the gaming machines and hotel booking system owned by the casino and hotel owner were inaccessible due to the ransomware assault. The financial statement stated, "The directors decided not to pay the demanded ransom.

A virus attack known as a ransomware attack locks and encrypts the victim's files and then demands payment in Bitcoin or another cryptocurrency to unlock the encrypted files.

Hackers attacked MGM Resorts International customer data

Millions of consumers' personal information was compromised due to a massive cyber security incident that affected MGM Resort International. Parts of their website that include user information such as birthdates, phone numbers, email addresses, and names of those who have stayed at locations owned by the Las Vegas company were impacted by this assault. A significant number of well-known faces and names were impacted by the extensive data breach that resulted from the massive attack. Financial information, including credit and debit card information, was not lost.

They were able to notify the impacted consumers about the loss of their personal information and discovered the breach in time to prevent significant harm. furthermore made touch with expert cyber-security forensic companies to assist in handling the destabilized issue.

It was eventually discovered that the system breach had caused a small amount of data to be lost due to an unauthorised user's access to the system's server. It is difficult to say when or whether the stolen data was used, although some of the information was allegedly put on a hacker site where many hackers may use it.

Additionally, press reports stated that among the most well-known people to be hacked were Canadian musician Justin Beiber and Twitter (News - Alert) CEO Jack Dorsey. While others implicated in the hack are those with connections to the US Department of Justice, Department of Homeland Security, Transportation Security Administration, and Federal Bureau of Investigation (FBI), their details may have been included in the compromised list.

SBTech Cyber Attack

When SBTech discovered a ransomware attack on its network on March 27, 2020, it promptly closed its data centers. The cybersecurity breach caused an interruption to the sports betting and iGaming services that SBTech's customers were using. SBTech contacted impacted partners and consumers as well as the appropriate regulatory bodies.

It was not possible for customers who use the SBTech platform for wagering activities to do so. SBTech quietly strengthened its encryption and security measures during the outage. The outage had an impact on a number of well-known websites, including Draftkings.

Ransomware was the type of assault that took place on the system. Hackers in this case were attempting to take certain firm data and code. Because they have access to a vast amount of data, hackers typically target casinos. Their goal could be to pilfer personal or financial data.

SBTech's framework for checking identified a possible security risk. As soon as it was realised that this was a real attack, the provider took precautionary measures by shutting down its server farms all around the world, and outside experts began investigating.

SBTech underwent a phase of rehabilitation during which all of its administrations were rebuilt. No information has been compromised because all client data was securely jumbled.