Jackpot Junction Reopens Following Cyberattack, Offers Free Play
Gaming at Jackpot Junction Casino Hotel has resumed after a nearly two-week closure due to a cyberattack.
The casino in Minnesota, managed by the Lower Sioux Indian Community, closed its over 1,200 slot machines and bingo games on April 3. Table games remained unaffected, but the majority of restaurants closed as well.
The resort stated that a “cybersecurity incident involving permitted access to specific systems” was responsible. The casino reactivated its slot machines last Friday, and its bingo hall with 250 seats opened again.
"Welcome back! We missed you!” Jackpot Junction posted on Facebook. “There’s a seat with your name on it — time to spin and win again!”
A notice on the casino floor expressed gratitude to visitors for their patience amid the cyberattack.
“As a heartfelt thank you for your patience and support, all Rewards Club members will receive special tiered Free Play to celebrate our return and show our appreciation,” the sign explained. Such free play must be redeemed by April 30.
Information on the cyberattack is limited.
Jackpot Junction did not disclose details on how it addressed the cyberattack. No information was provided on whether the casino paid a ransom to restore its IT networks or if any customer/employee data was affected.
RansomHub, associated with Russia, claimed responsibility for the illegal actions. RansomHub is a contractor on the dark web that executes cyber operations for clients and partners. The cybergang usually takes a 10% cut of the total ransom collected along with a fixed charge for executing the operation.
Officials from the Lower Sioux Indian community stated they engaged an external company to address the incident. In addition to its gaming activities, the cyberattack caused malfunctions in the tribe's healthcare center and administrative office. On March 28, the tribe indicated issues with telephone communication.
The tribe reports that approximately 145 families, with a population nearing 1,000, reside on the tribe’s over 1,700-acre sovereign land in Minnesota’s River Valley.
Jackpot Junction is the sole casino of the Lower Sioux. The hotel at the resort features 379 rooms and an 18-hole championship golf course.
RansomHub Utility
Officials in cybersecurity commenting on the most recent US casino targeted by cybercrime state that RansomHub has created a distinctive malware tool enabling it to breach so-called secure IT systems.
Cybersecurity experts Jan Holman and Jakub Souček, writing in We Live Security, an online website covering the online security community, say the product is “a special type of malware designed to terminate, blind, or crash the security product installed on a victim’s system, typically by abusing a vulnerable driver.”
This indicates that the breach of the Jackpot Junction networks probably wasn't due to social engineering, unlike the notable 2023 attacks on MGM Resorts and Caesars Entertainment. Social engineering entails a cybercriminal tricking, persuading, or misleading a victim to obtain access or control over a computer system.
During the MGM incident, an online offender reportedly impersonated an MGM staff member who contacted IT support to get their login details reset. Social engineering tactics became more prevalent during the COVID-19 pandemic as numerous employees operated remotely on company-provided laptops.
