Fantasy-sports company, DraftKing Inc, recently filed a Form S-1 registration statement with the U.S. Securities and Exchange Commission, or SEC. This form indicates that SBTech, a company DraftKing Inc acquired, was hit by a ransomware attack in March.
According to the registration form, which is required by the SEC before companies may go public on Nasdaq, SBTech, an online gambling technology provider which merged with DraftKing, suffered the cyber attack before the merger finalized on March 27.
The SEC’s filing stated:
“On March 27, 2020, SBTech detected a ransomware attack on its network (the“ cybersecurity incident ”). SBTech immediately shut down its data centers. The operation of the sports betting and iGaming services of SBTech’s customers was interrupted as a result of the cybersecurity incident. SBTech informed relevant regulatory authorities and notified affected partners and customers. SBTech believes it is in compliance with applicable regulatory requirements related to the cybersecurity incident.”
Ransomware gang not revealed in the SEC filing
According to ZDNet, the online betting company had to place $30 million in escrow on April 10 to deal with the cyberattack. At that time, this attack was not yet confirmed as the result of ransomware. The funds in escrow were set aside to cover damage costs and litigation fees.
No additional details were disclosed in the SEC filing.
DraftKing clarified that the interruption to its operations led SBTech to compensate its customers for downtime. They state that this had an immaterial financial impact on SBTech and DraftKings to date.
SBTech’s investigation concluded that the impact of the cybersecurity incident was successfully mitigated. It also included recommendations for security improvements to SBTech’s network and its information technology controls.
Recent ransomware incidents
Recently, an Israel-based company reportedly paid $250,000 in Bitcoin (BTC) to a ransomware gang that threatened to shut down its systems.
Cointelegraph reported on June 10 that a ransomware attack named “Thanos” has been promoted on a number of darknet hacking forums since February.