Aristocrat confirms employee data leak in hack

Aristocrat has confirmed it was subject to a cyber-attack earlier this year in which employee data was stolen.

The Australian firm noted that on 1 June a hacker exploited a ‘newly identified’ vulnerability in third-party file sharing software, MOVEit, used by the company.

Aristocrat is one of hundreds of organisations across the world to be impacted by the hack.

Other firms to be hit include UK communications regulator Ofcom, TomTom and the US Department of Energy.

Private healthcare information for millions of US citizens has also been stolen.

The attacks are reported to have been carried out by Russia-linked group Clop.

The supplier confirmed it was aware of reports that personal information belonging to employees had been published online.

Aristocrat said it had taken a series of steps since becoming aware of the incident. These included immediately containing the incident and remedying the vulnerable software as well as notifying the relevant regulatory bodies and law enforcement.

The group is working with independent experts to establish what data was taken and to implement future mitigations.

Aristocrat has also been in touch with its employees to offer complimentary credit monitoring and identity theft protection services, as well as providing advice over concerns.

In a statement, Aristocrat said: “Aristocrat has completed its risk assessment of any potential impact to its business arising from this incident.

“Based on the information available as at this date, Aristocrat expects low business impact with the execution of an appropriate risk management and mitigation plan.

“We will continue to manage this incident proactively and comprehensively, in the best interests of our people, business and other stakeholders.”