International Game Technology (IGT), a global leader in gambling technology, allegedly fell victim to a **Qilin ransomware attack**, resulting in a **10GB data leak** (approximately 21,600 files) posted on the dark web. The ransomware-as-a-service (RaaS) group, known for **double-extortion tactics**, claimed responsibility but provided no sample verification. The leaked archive, labeled 'Publicated,' is reportedly accessible via an FTP link, though IGT has neither confirmed nor denied the breach. As the primary technology provider for **26 US lotteries** and a $2.5B revenue enterprise (2024), the incident poses significant reputational and operational risks. Qilin, a prolific threat actor with **900+ victims** since 2022, has previously targeted high-profile entities like **Synnovis (NHS hospitals)**, Asahi Group (Japan), and SK Group (South Korea). The attack’s scope remains unclear, but the leaked data could include sensitive corporate, financial, or customer-related information, amplifying potential fallout for IGT’s global operations across **100+ jurisdictions**.
IGT cybersecurity rating report: https://www.rankiteo.com/company/igt
"id": "IGT2502025112125",
"linkid": "igt",
"type": "Ransomware",
"date": "6/2022",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'industry': ['gambling technology',
'lottery systems',
'electronic gaming',
'sports betting'],
'location': {'headquarters': 'London, UK',
'major_hubs': ['Las Vegas (USA)',
'Rome (Italy)',
'Providence (USA)']},
'name': 'International Game Technology (IGT)',
'size': 'Global (operates in 100+ jurisdictions)',
'type': 'Public company'}],
'data_breach': {'data_exfiltration': 'Claimed (10GB archive posted on dark '
'web via FTP)',
'number_of_records_exposed': '~21,600 files'},
'description': 'Qilin, a RaaS group, claimed to have leaked 10GB of data '
'(approximately 21,600 files) from International Game '
'Technology (IGT), a global leader in gambling technology. The '
'data was allegedly posted on the dark web via an FTP link, '
'but IGT has not confirmed or denied the breach. Qilin is '
'known for double-extortion attacks and has targeted over 900 '
'victims across industries since 2022.',
'impact': {'brand_reputation_impact': 'Potential reputational damage '
'(unconfirmed breach)',
'data_compromised': '10GB (~21,600 files)'},
'initial_access_broker': {'data_sold_on_dark_web': 'Claimed (10GB archive '
"labeled 'Publicated')"},
'investigation_status': 'Unconfirmed by IGT; claims made by Qilin on dark web '
'leak site',
'motivation': ['financial gain', 'data extortion'],
'ransomware': {'data_exfiltration': 'Confirmed (double extortion: data stolen '
'before encryption threat)',
'ransomware_strain': 'Qilin (RaaS)'},
'references': [{'source': 'Cybernews'}, {'source': 'TechRadar'}],
'response': {'communication_strategy': 'No public confirmation or denial; no '
'media responses'},
'threat_actor': 'Qilin (formerly Agenda)',
'title': 'Qilin ransomware group claims 10GB data leak from gambling tech '
'giant IGT',
'type': ['ransomware', 'data breach', 'double extortion']}