Hackers Target Online Entertainment Businesses Like DraftKings

Cybercriminals have been exploiting online entertainment businesses using impersonations, counterfeit tricks, and pirated content to compromise victims’ sensitive data. A recent incident involved online gambling and betting websites owned by DraftKings.

What happened

SBTech, the online gambling technology provider which is now owned by and operated as DraftKings Inc, witnessed a cyber attack incident.
  • This month, after the three-way merger of SBTech, Diamond Eagle Acquisition Corp (DEAC), and Draftkings under the name DraftKings Inc., DraftKings disclosed a ransomware attack on SBTech, that had an immaterial financial impact on SBTech and DraftKings.
  • On March 27, 2020, right before the merger of the three companies, SBTech had detected a ransomware attack on its network. 
  • The operations of the sports betting and iGaming services were interrupted due to the attack. As a result, more than 50 SBTech-powered online sportsbooks sites like the Oregon Lottery, BetAmerica, Golden Nugget, Resorts Casino Hotel, etc. faced downtime.

Other recent attacks

Hackers often target online gambling and betting websites to steal data from the companies’ customers and business partners. The data is often dumped online so that other hackers can also use it for malicious purposes like spear-phishing, identity theft, and other forms of fraud.
  • In March 2020, Maze group had stolen large amounts of internal data from the online gambling operator, BetUS, for extracting a high ransom amount.
  • In February 2020, a Chinese hacker group breached the websites of gambling companies located in Southeast Asia, Europe, and the Middle East.
  • In January 2020, an online gambling platform, ‘SuperCasino,’ suffered a data breach that exposed sensitive information belonging to its customers.

Security recommendations

Organizations should establish strong cybersecurity and data privacy policies to store and manage sensitive customer data safely. They should implement proactive cyber defense systems to prevent such attacks.