Australian Ransomware Attack, 12 December 2024

Medusa claims 852.4GB of data stolen from Ainsworth Game Technology

These include, confidential business information, personal employee data, including first and last names, dates of birth, email addresses, bank account numbers, tax ID numbers and cards, passports and passport numbers.

Company Statement: Business Update – six months ending 31 December 2024
Source: Medusa claims 852.4GB of data stolen from Ainsworth Game Technology | Cyberdaily.au

View more incidents from New South Wales and incidents relating to Ransomware.

Ainsworth Game Technology Limited, a leading manufacturer and supplier of gaming machines, has fallen victim to a significant cyber attack. The Medusa ransomware group has claimed responsibility for the attack, alleging the exfiltration of 852.4 gigabytes of data from the company.

Details of the Attack
On December 10, 2024, Medusa listed Ainsworth Game Technology on its dark web leak site, providing a sample of the stolen data. This data includes business documents, confidential business information, and personal employee data such as names, dates of birth, email addresses, bank account numbers, tax ID numbers, and passport details. The ransomware gang has set a ransom demand of $1.2 million, with a countdown timer for the release of the data in two weeks.

Ainsworth’s Response

Broader Implications
This attack is part of a broader trend of ransomware incidents targeting companies worldwide. In September, the Medusa ransomware gang also attacked Compass Group, a North Sydney-based food and support services company, stealing 785.5 gigabytes of data. Medusa’s tactics include setting high ransom demands and threatening to publish stolen data if the demands are not met.

Ainsworth Game Technology, founded in 1995 and headquartered in NSW, Australia, operates in multiple regions including Australia, New Zealand, Asia, the US, and Europe. The company is known for its digital slots and gaming machines.