Gateway Casinos Tells Employees Their Information Was Hacked

The effects of a debilitating cyberattack at its Ontario locations earlier in the year are still being felt by Gateway Casinos.

However, a spokesperson later confirmed the attack and said it had “presumably resulted in the illegal obtaining of confidential information on employees.” Experts from the cybersecurity community say that once data is caught up in a ransomware attack, there is little victims can do to have it removed from the dark web. On April 16, Gateway Casinos closed all 14 of its resort casinos in Ontario after the company became the victim of a ransomware attack. Great Canadian Entertainment and Gateway Casinos are two of the largest gaming operators in Canada, who together run casino gambling for the Ontario government. The attack caused a major disruption in both companies’ businesses, while simultaneously compromising confidential employee information. Cybersecurity professionals have noted that, once a breach occurs, victims struggle to completely remove the stolen data from the dark web.

The attack has since been admitted to by the entity, though it was not known if any personal data of guests or personnel had been affected. It has come to light that employee information was indeed taken.

Employee Data Seized

At the beginning of this month, workers with Gateway Casinos expressed their dismay towards the company’s response to the ransomware attack. It wasn’t until recently that they revealed they would be providing free credit and identity monitoring services to their employees. Nevertheless, the union representing the employees declared that Gateway should have been taking this precaution from the start. “Gateway should have done it from the get-go,” stated Unifor representative Greg Weaver. “Personal information is confidential, and if it’s out there, who knows what could happen.” Recently, Gateway sent out a letter to their Ontario worker base notifying them of the potential breach of personal data due to the ransomware attack, which happened on April 16th. The cyberattack made their IT network inoperable.

In April, Gateway initiated the process of slowly restoring its IT systems with the help of outside cybersecurity specialists. As the systems are restored, an investigation is underway to determine if personal information was compromised. Once the investigation is finished, Gateway believes that personal information belonging to both current and prior employees may have been stolen. Additionally, the burglars were even able to get their hands on data such as the personal information of employees’ spouses, partners, and/or dependents. It is an indisputable fact that data is valuable.

Data is Money

For cybercriminals, data is viewed as the utmost asset, according to cybersecurity experts. In an interview with CTV Windsor, cybersecurity expert Ritesh Kotak declared that confidential information has huge monetary worth on the dark web, a marketplace for illegal activities. Once somebody’s data has been infiltrated, their information is scattered throughout cyberspace and used for illicit purposes, such as identity theft through acquiring loans in the victim’s name. Kotak emphasized that data leaked onto the dark web perpetuates on the internet indefinitely. Employees of Gateway Casinos have been granted free monitoring and identity theft services in a period of 12 months, an effort towards mitigating their vulnerability.