Australia's largest gaming and entertainment company, Crown Resorts, announced a data compromise that was brought on by the use of the recently found GoAnywhere zero-day vulnerability.
A ransomware gang recently approached them and said they had illegally gotten a small number of Crown files.
Additionally stated that none of our customers' data has been compromised, and neither have our business activities.
Source: https://securityaffairs.com/144193/data-breach/crown-resorts-clop-ransomware.html
TPRM report: https://scoringcyber.rankiteo.com/company/crown-resorts
"id": "cro32821023",
"linkid": "crown-resorts",
"type": "Vulnerability",
"date": "03/2023",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Gaming and Entertainment',
'location': 'Australia',
'name': 'Crown Resorts',
'type': 'Company'}],
'attack_vector': 'Exploitation of GoAnywhere zero-day vulnerability',
'description': "Australia's largest gaming and entertainment company, Crown "
'Resorts, announced a data compromise that was brought on by '
'the use of the recently found GoAnywhere zero-day '
'vulnerability. A ransomware gang recently approached them and '
'said they had illegally gotten a small number of Crown files. '
"Additionally stated that none of our customers' data has been "
'compromised, and neither have our business activities.',
'motivation': 'Financial gain, data theft',
'threat_actor': 'Ransomware gang',
'title': 'Crown Resorts Data Compromise',
'type': 'Data Breach, Ransomware',
'vulnerability_exploited': 'GoAnywhere zero-day vulnerability'}