BetUS, an online gambling operator, recently became the target of a hacking group that held the company’s internal data for ransom. The company was amongst many that were targeted by the hackers.

New crypto-ransomware attack

A crypto-ransomware group called Maze announced last week that it has obtained large amounts of internal data from various companies. The list of hacked companies included online sportsbook BetUS alongside French firm Bouygues Construction and cybersecurity insurance firm Chubb. The Curacao-licensed sportsbook operator apparently compromised three email addresses- [email protected], [email protected], and [email protected]. The hackers also included two proofs with some of the hacked data they received from the company on their website.

The first proof uploaded by the hackers contains 1GB of data and includes several technical files related to the company’s gambling software. It has also uploaded a second, much larger file, which contains a large number of internal documents of the company. These include minutes of board meetings, passport scans of some company executives, bank forms and even directorship changes.

Is customer data compromised?

The hackers have only focused on internal company data in the proofs they uploaded. It appears that personal information of customers is not a part of the hack. However, the hackers may have held on to that data to see if the company caves into their demands. Customers are advised to change their passwords as soon as possible and be extra vigilant during this time.

Other firms that were targeted by Maze have only released brief statements about the situation, acknowledging the hack. However, BetUS has not made any public comments on the issue yet. It is unclear if the company has alerted its customers about the problem.

Security vendor Emsisoft’s threat analyst Brett Callow said,

“other criminals are known to access the data on these leak sites and use it for their own purposes. Consequently, as these data dumps often contain information relating to companies’ customers and business partners, they’re at risk of spear phishing, identity theft, and forms of fraud. This is why it is so important that these incidents are disclosed.”

Maze likes to name and shame the companies that it targets. It demands a ransom of Bitcoin to ensure that they don’t publish the data and may even ask for more payment to delete that data. The group stole data from the City of Pensacola in December last year but said that it would “make a gift” and not publish anything. The group announced the hack only to make a statement that they have broken into the city’s systems.