Aristocrat confirmed to have been the target of a cyber attack last June, in which a hacker managed to extract data, including personal information belonging to Aristocrat employees, from a company server.
In a company statement, the gaming content and technology company stated the hacker exploited a newly identified vulnerability in third-party file sharing software used by the company, with extracts of the stolen data published online.
‘Aristocrat upholds high probity standards and takes the privacy and security of all personal data seriously. Aristocrat has taken comprehensive steps since becoming aware of the incident,’ the company indicated in the statement.
Such measures included containing the incident and remedying its MOVEit software vulnerability; notifying relevant law enforcement, required gaming and other regulatory authorities; working with the support of independent experts to determine what data was exfiltrated, implement mitigations and uphold our obligations; and advising all Aristocrat employees globally and offering complimentary credit monitoring and identity theft protection services.
A risk assessment of any potential impact to its business arising from this incident was also conducted, with Aristocrat expecting a low business impact with the execution of an appropriate risk management and mitigation plan.