Casino Equipment Supplier GPI Victim to REvil’s Hacker Attack

A top supplier of casino equipment is the latest victim of a Russian hacker group known as REvil, according to a statement on the Dark Web.

Pay or Have Your Data Exposed

The hacker group REvil reportedly took control over the servers of Gaming Partners International, a leading provider of casino currency and table game equipment worldwide, encrypted 540 gigabytes of sensitive data from it and is asking for a hefty ransom in exchange for returning control over the servers. The hackers gave a 72-hour ultimatum to GPI to pay or have its data revealed to the public and possibly sold.

GPI is the latest victim of the popular Russian hacker group which recently managed to hack celebrity law firm Grubman, Shire, Meiselas & Sacks, which refused to be held to ransom and had data stolen from its servers auctioned off. REvil’s threat that they would reveal damaging details relating to President Trump actually never materialized.

GPI, which has offices and manufacturing facilities in many key regions including the Americas, Europe and Asia, was acquired in 2019 by the Angel Group, the manufacturer and distributor of internationally recognized Angel Playing Cards and Angel Eye and Super Eye dealing shoes.

REvil outlined in their warning to GPI they had all of the most important data, such as financial documents, contracts and technical documentation for the company’s gaming machines, including for its customers in Macau and Mexico. The group did not provide details regarding the amount they request in exchange of returning control to GPI’s servers and not making sensitive data that would cause losses to GPI’s customers public.

Ransom Payment Provides No Guarantee

The tactic of hacking and encrypting data on companies’ servers is an increasingly common approach adopted by ransom-ware groups, and in these situations victims face one of two options, to pay without any guarantee stolen data would not be further monetized or published, or to refuse to pay and have its data auctioned off.

Even if GPI agrees to pay the hefty ransom, whether REvil will destroy the data upon payment is something only they could possibly know, noted Brett Callow, a threat analyst at cybersecurity firm Emsisoft, outlining that he personally did not believe they would just like that destroy or dispose of information they could use or even monetize further.

Gambling companies are not exempt from cybersecurity threats, as in March, just when the most important details about the reverse merger deal with Diamong Eagle Corp and DraftKings, sports betting technology supplier SBTech was hit by a hacker attack which led to its data centers across the globe being shut down.