A ransomware attack disrupted operations at casinos and government services operated by the Sault Ste. Marie Tribe of Chippewa Indians in Michigan, with the cybercriminal group RansomHub claiming responsibility.
The attack, which occurred on Feb. 9, reportedly locked critical systems and resulted in the theft of 119 GB of data (501,211 files), according to a statement posted by RansomHub on its dark web leak site. The affected infrastructure includes Kewadin Casinos, convenience stores, government buildings, and tribal telecommunications services.
RansomHub, a known ransomware group, said it had attempted to contact the tribe for a week but received no response. “This demonstrates a blatant disregard for the personal data of their residents, customers, and employees of casinos and other breached institutions,” the group wrote.
RansomHub also criticized the tribe’s insurers, naming Corvus Insurance by Travelers, Crum & Forster Specialty Insurance Company, and Cowbell Cyber Risk Insurance, for allegedly failing to act to mitigate damages.
The group further accused the tribal Board of Directors of negligence: ”We made multiple attempts to contact the Board of Directors via email and phone. No response was received.”
The cybercriminals threatened to release all stolen data if they do not receive a response by Wednesday.
In a statement, Sault Ste. Marie Tribal Chairman Austin Lowes acknowledged the attack and ongoing recovery efforts. “We understand and share in our community’s frustration with this attack and the interruptions it has caused,” Lowes said.
The tribe has been working with cybersecurity experts to restore operations, though progress has been slower than expected. New phone numbers have been established, and operations are expected to remain limited for another week.
Details of the extent of the data breach have not been disclosed due to ongoing security concerns.
The attack has significantly impacted casino operations, leading to:
• Gaming system shutdowns affecting slot machines, online gaming, and loyalty programs
• Payment processing failures, disrupting cashless transactions
• Customer service delays affecting reservations and membership services
For casinos, every minute of downtime results in substantial financial losses, and the reputational damage from a cyberattack can have lasting effects.
Cybersecurity experts emphasize the importance of proactive measures to protect against cyber threats. One key recommendation is conducting regular data backups to prevent the loss of valuable information in the event of ransomware attacks.
Additionally, experts advise implementing phishing awareness training for employees, enforcing strong password policies, and using multi-factor authentication (MFA) for enhanced security. Having a robust incident response plan in place is also crucial to address potential breaches quickly and effectively.