Home Australia Star punters’ details exposed in massive legal hack as identity data is leaked on the dark web – but casino kept quiet for a YEAR after they were alerted

Star punters’ details exposed in massive legal hack as identity data is leaked on the dark web – but casino kept quiet for a YEAR after they were alerted

by Elijah
0 comment
Star Entertainment Group, which runs The Star casinos in New South Wales and Queensland, has told some of its clients that their data was leaked in a cyberattack on HWL Ebsworth Lawyers that took place in April last year.

Some of The Star casino’s gamblers have had their private data exposed in a massive data breach in which millions of documents were stolen by Russian hackers from Australia’s largest law firm.

Star Entertainment Group, which runs The Star casinos in New South Wales and Queensland, has told some of its clients that their data was leaked in a cyberattack on HWL Ebsworth Lawyers that took place in April last year.

Much of the private information, including banking details, passports and physical addresses, ended up on the dark web for three weeks before the law firm obtained a court order to delete it.

It is unclear why it took almost 12 months for the casino to warn its customers.

Star Entertainment Group, which runs The Star casinos in New South Wales and Queensland, has told some of its clients that their data was leaked in a cyberattack on HWL Ebsworth Lawyers that took place in April last year.

Star Entertainment Group, which runs The Star casinos in New South Wales and Queensland, has told some of its clients that their data was leaked in a cyberattack on HWL Ebsworth Lawyers that took place in April last year.

1711356148 258 Star punters details exposed in massive legal hack as identity

1711356148 258 Star punters details exposed in massive legal hack as identity

Some of the information, including bank details, passports and physical addresses, ended up on the dark web for three weeks before the law firm obtained a court order to delete it.

A spokesperson for HWL Ebsworth Lawyers said analyzing the stolen data was a “detailed and complex challenge”.

One furious punter was told his passport, driving licence, tax return number and birth certificate were potentially exposed in the attack.

The casino informed the customer that HWL Ebsworth Lawyers would reimburse him for the cost of replacing his driver’s license or passport.

“The latest Star casino fiasco – offering to cover the cost of a replacement license and passport is not enough… I hope there is another class action lawsuit against the Star that I can join,” he told Daily Mail Australia.

In a statement, The Star revealed the huge and alarming list of personal information at risk.

These included physical addresses, phone numbers, employment information, physical signatures, credit card details, Medicare card scans, medical information and banking details.

One furious punter was told his passport, driving licence, tax return number and birth certificate were potentially exposed in the hack (pictured).

One furious punter was told his passport, driving licence, tax return number and birth certificate were potentially exposed in the hack (pictured).

One furious punter was told his passport, driving licence, tax return number and birth certificate were potentially exposed in the hack (pictured).

1711356149 897 Star punters details exposed in massive legal hack as identity

1711356149 897 Star punters details exposed in massive legal hack as identity

“The latest Star casino fiasco – offering to cover the cost of a replacement license and passport is not enough… I hope there is another class action lawsuit against Star that I can join,” the gambler told Daily Mail Australia.

“HWLE and The Star appreciate that it has taken some time to send this notice since the incident was discovered,” the statement said.

“This is because a large volume of data was extracted, but the extent of the impact on personal information was not immediately apparent to HWLE.

“A complex and comprehensive manual review was required to assess what personal information was involved and identify the affected individuals.”

The hack was blamed on a Russian group called ALPHV, also known as BlackCat, which stole 2.5 million documents from HWL Ebsworth clients last year.

HWL Ebsworth refused to pay a $7.1 million ransom and in June last year successfully obtained an injunction from the New South Wales Supreme Court preventing details from being published on the dark web.

The legal association said the court order was “extremely successful.”

“In the absence of the court order, anyone with access to the dark web would not have had any legal restrictions on accessing the published portion of the exfiltrated data during the short period of time it was accessible,” HWL Ebsworth said in a statement.

“Our approach has restricted the potential for misuse of exfiltrated data, while ensuring that affected individuals are notified of the sensitive data that was affected in this incident.”

It’s the latest in a series of setbacks for the embattled Star casino.

He is currently facing a second investigation into whether he should have a license to run his Sydney casino.

A previous investigation conducted in 2022 two years ago found its compliance measures were not up to par, allowing money laundering and fraud to flourish.

If the second investigation finds that no improvements have been made, the casino risks losing its license entirely.

You may also like