Brodie Thomas reports:
Hackers have released more data from the Cowboys Casino hack of last year, this time with more sensitive information.
The second data dump appeared on a torrent site and on the website pastebin.com on Thursday.
“Cowboys Casino has still not taken the matter of their customers/employees security seriously, so we are releasing our 2nd data dump to the public,” reads the message.
Read more on Metro News.
As they have done in the past, an email was sent to DataBreaches.net to alert this site to the new paste/torrent. And as they have done in the past, this email came from a name and an email address not previously used to communicate with this site.
Of note, perhaps, the attackers made a point of including emails in their data dump that seem to support their claim that the casino had past problems with infosecurity. But curiously, or not, the emails in the data dump are not time-stamped, except for one email that was from 2014.
So where is the proof that the casino is still having infosecurity issues that would warrant the alleged hacktivism? The hackers, whom FireEye researchers call “FIN10,” warn:
more data dumps will continue until Cowboys Casino decides to resolve this issue.
But is the issue really infosecurity or is the issue payment of an extortion demand?
That said, the torrent does include what the hackers describe, including employee disciplinary letters and other sensitive information. Most of the data and files appear to be older, with the most recent files appearing to be circa mid-2016.
DataBreaches.net asked the individual who notified this site of the new dump if they’d be willing to answer a few questions, but has gotten no response as yet.