FEATURES
LEGAL: CYBER CRIME
HELD TO RANSOM Cyber crime is estimated to cost businesses some $10trn by 2025. No business sector is secure, says Carl Selby, Partner at Royds Withy King – least of all gaming In July last year, the gaming activity of millions of Clubillion players around the world was leaked to the press, and in January this year the details of over 500,000 Betway customers were sold following a malicious hack. Traditional ‘heavy industries,’ meanwhile, are not immune. Hacker group DarkSide grabbed headlines in the spring this year following an attack on Colonial Pipeline, which caused gas shortages in parts of the US. Colonial Pipeline ended up paying a $4.4m ransom to get its pipeline back online. More recently, JBS, the world’s largest meat supplier, had to shut down parts of its operations as a result of a ransomware attack, leading President Joe Biden to confirm he
76
GAMBLINGINSIDER.COM
had contacted the Russian Government directly about the cyber attacks. Although ransomware and other cyber security incidents are on the rise (a recent US federal inter-agency report estimated there were over 4,000 a day in the US), a look at the most recent statistics published by the UK’s Information Commissioner’s Office (ICO) shows 659 data breaches and 1,766 non-cyber security incidents being reported quarterly. While cyber security incidents are more likely to have more significant consequences for both data subjects and businesses, non-cyber security-related data breaches are more likely to occur and could still lead to significant issues. The ICO data points to
676 incidents of emails being sent to the wrong person or posted to the wrong address. Information could easily end up in the hands of a competitor or, worse, being handed to cyber criminals as part of a phishing attack. WHAT DO WE DO WHEN AN INCIDENT OCCURS? When you suffer a data breach or cyber security incident, time will not be on your side. Trying to deal with an incident on the fly will, almost inevitably, lead to mistakes. So a plan for dealing with a data breach or cyber security incident is a crucial first step. There is no one size fits all approach.
