In the second half of last year, two leading betting and gaming operators, Caesars Entertainment and MGM Resorts International, fell victim to separate cyberattacks. While Caesars was able to resolve the situation rather quickly, the impact on MGM was more severe as it took the company days to resume normal operations. Not unexpectedly, the cybersecurity issue impacted the company’s Q3 2023 earnings.
Although no specific individuals were identified, it is believed that an online hacker group, known as Scattered Spider, orchestrated both cyberattacks. The group is believed to have first started operating two years ago, in May 2022. Since then, Scattered Spider helped orchestrate many cyberattacks and according to a new report, the number of attacks keeps growing.
As reported by Bloomberg, the hacker group is now targeting different financial institutions, including insurance companies and banks. The publication cited data from the leading cybersecurity risk company, Resilience Cyber Insurance Solutions, which has been tracking Scattered Spider’s online activities. Reportedly, the hacking group has been responsible for attacks against 29 companies since April 20 this year.
Per data from Resilience, two insurance companies have fallen victim to the latest cyberattacks by the hacker group. An expert with the cybersecurity company, whose name was not disclosed, confirmed that the security of two insurance companies was successfully breached by Scattered Spider. However, the expert did not disclose the names of the two businesses.
As noted, the recent attacks targeted other businesses as well. The list included Visa Inc., Transamerica, New York Life Insurance Co., Synchrony Financial, as well as PNC Financial Services Group Inc., among other financial institutions. Although the businesses may have been targeted by cyberattacks, no evidence suggests any breaches at this point.
Phishing Helps Steal Employee Credentials
CrowdStrike Holdings Inc., a leading cybersecurity firm, that gave the hacker group the name “Scattered Spider,” has also been tracking its activities. As of October, CrowdStrike has recorded a total of 52 breaches by the hacker group.
Currently, the FBI, in conjunction with the Cybersecurity and Infrastructure Security Agency is trying to help identify members of the hackers’ group. It is unclear whether law enforcement is actively investigating specific breaches, recent or past.
The latest effort of Scattered Spider involved phishing attempts. The group sent links through emails and text messages to employees of the financial institutions. Those links would redirect them to fake pages that would require their login credentials. Other methods used by the hacker group involved impersonating employees. In some cases, the victims were threatened with job termination in order to surrender details.