Crown Resorts data breach: employee and membership records were leaked

Crown Resorts has confirmed that a small number of files were released on the dark web.

Australia.- Crown Resorts has issued an update after a group claimed to have accessed data through a cyberattack on third-party file transfer service GoAnywhere. The casino operator has confirmed that a small number of files were released on the dark web, including employee time and attendance records and some membership numbers from Crown Sydney.

The statement says that no personal information of customers was compromised. It said that membership numbers were a number only. Meanwhile, the time and attendance files of current and past employees did not include bank names, tax IDs, BSB or payslip information.

The casino operator said: “We are proactively notifying all impacted individuals and are updating membership numbers of those affected out of an abundance of caution. Crown continues to work with law enforcement and our regulators in relation to this cybercrime.” 

See also: Crown Resorts launches multi-year transformation programme