SBTech-powered sites taken offline following Cyberattack

SBTech, a provider of services to numerous online bookmakers, has suffered a cyberattack late Friday, that has forced them to discontinue their services for more than 5 days. The cybersecurity threat from this company has affected casinos and sportsbooks around the world.

Last Monday, SBTech informed its collaborators and partners that they had been the target of an attempted ransomware attack, although their clients' data was not compromised.

Here is the email sent to the operators:

«As you know, on Saturday, March 28, 2020, we suffered an attack on our security systems that resulted in an unauthorized third party gaining access to our data centers in the EU and the US.

Third-party that made the attack successfully encrypted data hosted on our servers within each data center, impeding our ability to access and use that data to operate our business. By identifying the incident, we suspend access to all sites that are served by our platform.

We have engaged with cybersecurity experts from other companies and law enforcement agencies to help us conduct an urgent investigation and we have no reason to believe that the personal data of our customers' end-users has been extracted from our databases.»


This is a ransomware attack?

Geraint Williams, the chief information security officer at IT services company GRCI Group, said the incident had the hallmark of a ransomware attack, where hackers attempted to steal company data and code.

“Companies of this size usually have the resources and back-up servers to resume services relatively quickly if its a DDOS attack. Whereas if its a ransomware attack, it can take quite a bit of time to restore systems and make sure they are clean,” Williams said.

Hacker group «Maze» carried out a series of ransomware attacks last week, with targets including the Curacao-licensed BetUS, insurance firm Chubb and French company Bouygues Construction. However, there is no news of their connection to these attacks on SBTech.

This attack has affected sites around the world, including Churchill Downs’ BetAmerica and the Oregon Lottery’s Score Board in the US. In Europe, there are more victims like - 10bet, Bet.pt, Bethard, Luckia, ComeOn, Virgin Bet, Mr.play and others that are currently offline.

This will be followed by numerous systems quality checks and testing works before it will bring more than 50 SBTech-powered sites around the world back online.