International Game Technology (IGT), a global leader in gambling technology, allegedly fell victim to a **Qilin ransomware attack**, resulting in a **10GB data leak** (approximately 21,600 files) posted on the dark web. The leaked archive, labeled as 'Publicated,' suggests full public exposure, though IGT has neither confirmed nor denied the breach. Qilin, a Russian-speaking **ransomware-as-a-service (RaaS)** group known for **double-extortion tactics**, claimed responsibility. The attack targeted IGT’s systems, potentially compromising sensitive corporate, financial, or operational data. As the primary technology provider for **26 US lotteries** and a $2.5 billion revenue company operating in **100+ jurisdictions**, the breach could undermine trust among clients, regulators, and partners. The lack of sample verification and IGT’s silence heighten uncertainty, but the scale of the leak—combined with Qilin’s history of high-profile attacks (e.g., Synnovis, Asahi Group, SK Group)—signals severe reputational and operational risks. The incident aligns with Qilin’s pattern of targeting large enterprises for maximum disruption and financial gain.
IGT cybersecurity rating report: https://www.rankiteo.com/company/igt
"id": "IGT2192021112025",
"linkid": "igt",
"type": "Ransomware",
"date": "11/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'industry': 'Gambling Technology',
'location': {'headquarters': 'London, UK',
'major_hubs': ['Las Vegas, USA',
'Rome, Italy',
'Providence, USA']},
'name': 'International Game Technology (IGT)',
'size': 'Global (operates in 100+ jurisdictions)',
'type': 'Corporation'}],
'data_breach': {'data_exfiltration': '10GB archive allegedly leaked via FTP '
'link on dark web',
'number_of_records_exposed': '~21,600 files'},
'description': 'Qilin, a RaaS group, claimed to have leaked 10GB of data '
'(approximately 21,600 files) from International Game '
'Technology (IGT), a global leader in gambling technology. The '
'data was allegedly posted on the dark web via an FTP link, '
'but IGT has not confirmed or denied the breach. Qilin is '
'known for double-extortion attacks and has targeted over 900 '
'victims across industries since 2022.',
'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
'alleged breach',
'data_compromised': '10GB (~21,600 files)'},
'initial_access_broker': {'data_sold_on_dark_web': 'Alleged 10GB archive '
'published via FTP link'},
'investigation_status': 'Unconfirmed by IGT; no public investigation details '
'available',
'motivation': ['financial gain', 'data extortion'],
'ransomware': {'data_exfiltration': '10GB (~21,600 files)',
'ransomware_strain': 'Qilin (RaaS)'},
'references': [{'source': 'TechRadar / Cybernews'}],
'response': {'communication_strategy': 'No public confirmation or denial; no '
'media responses'},
'threat_actor': 'Qilin (aka Agenda)',
'title': 'Qilin ransomware group claims 10GB data leak from gambling tech '
'giant IGT',
'type': ['ransomware', 'data breach']}