The fantasy sports company, DraftKing Inc, recently filed a Form S-1 registration statement with the U.S. Securities and Exchange Commission, or SEC. This form states that SBTech, a company that DraftKing Inc. acquired, was hit by a ransomware attack in March.
According to the registration form, which is required by the SEC before companies can go public on the Nasdaq, SBTech, an online gaming technology provider that merged with DraftKing, suffered the cyber attack before the merger was completed on March 27.
Israeli software company delays payment of $250,000 ransom at Bitcoin
The SEC filing said:
„On March 27, 2020, SBTech detected a ransomware attack on its network (the ‚cyber security incident‘). SBTech immediately closed its data centers. The operation of sports betting and iGaming services for SBTech’s customers were disrupted as a result of the cyber security incident. SBTech informed the relevant regulatory authorities and notified the affected partners and customers. SBTech believes that it is in compliance with the applicable regulatory requirements related to the cybersecurity incident.
New ransomware using sophisticated techniques to avoid detection
Ransomware Gang Undisclosed in SEC Filing
According to ZDNet, the online gambling company had to deposit $30 million in escrow on April 10 to deal with the cyber attack. At that time, this attack was not yet confirmed as a result of ransomware. The funds in escrow were reserved to cover the costs of damages and litigation fees.
No further details were disclosed in the SEC filing.
U.S. Congressional Committee: Cybercrime Rate Up 75% During COVID-19 Pandemic
DraftKing clarified that the interruption of its operations led SBTech to compensate its customers for the downtime. They claim that this had an intangible financial impact on SBTech and DraftKings to date.
SBTech’s investigation concluded that the impact of the cyber security incident was successfully mitigated. It also included recommendations for security improvements to SBTech’s network and information technology controls.
Recent Ransomware Incidents
Recently, an Israeli-based company reportedly paid $250,000 in Bitcoin Billionaire to a ransomware band that threatened to shut down its systems.
Cointelegraph reported on June 10 that a ransomware attack called „Thanos“ has been promoted on several darknet hacking forums since February.