Casino tech outfit Bragg cops to intrusion but says data jackpot untouched
(2025/08/19)
- Reference: 1755617472
- News link: https://www.theregister.co.uk/2025/08/19/bragg_attack/
- Source link:
Canadian casino software slinger Bragg Gaming Group has disclosed a "cybersecurity incident," though it's adamant the intruders never got their hands on customer data.
MGM Resorts shuts down website, computer systems after 'cybersecurity incident' [1]READ MORE
The Toronto-based firm, which pumps out online casino and sportsbook tech for operators across Europe and North America, [2]said it discovered the attack early on Saturday, August 16. Within hours, it claims, the company had wheeled in outside security muscle and was "following industry protocols" to contain the intrusion.
According to Bragg, the compromise was restricted to its internal IT plumbing. No gaming services went down, nobody lost access to their accounts, and, at least according to early forensics, no personally identifiable information was rifled through. The company says it still has full access to its own data and continues to operate normally.
That all sounds reassuring, but the statement left a thicket of unanswered questions. Bragg hasn't said how the attackers broke in, whether they got away with anything before being caught, or if the incident involved the tedious specter of ransomware. It's also not yet known who is behind the intrusion, which has not yet been claimed by any of the big-name online crime groups.
We put those questions directly to Bragg, but the company has yet to respond.
[3]Google admits anticompetitive conduct in Australia, agrees to modest fine
[4]Norwegian lotto mistakenly told thousands they were filthy rich after math error
[5]Bug hunter tricked SSL.com into issuing cert for Alibaba Cloud domain in 5 steps
[6]Digital Isle of Man: For all your connected tax haven needs?
Gambling companies are a regular target for extortion crews thanks to their reliance on 24/7 uptime and large volumes of personal and financial data. Casino giant MGM Resorts learned that the hard way last year when [7]ransomware shut down slot machines , room keys, and even its car parks in Las Vegas, [8]ultimately costing the firm more than $100 million .
Bragg insists it's not facing anything of that magnitude. Still, if attackers were able to wriggle into its internal environment, questions remain about how long they were inside, what they were after, and why its own defenses didn't stop them sooner.
[9]
For now, Bragg claims that operations continue as usual, customers are unaffected, and the clean-up is in expert hands. But until the company offers more than boilerplate assurances, customers will be left wondering whether this is the harmless hand it claims – or whether the house is keeping a few cards face-down. ®
Get our [10]Tech Resources
[1] https://www.theregister.com/2023/09/11/mgm_resorts_cybersecurity_incident/
[2] https://investors.bragg.group/pr/news-details/2025/Bragg-Gaming-Group-Announces-Cyber-Security-Incident/default.aspx
[3] https://www.theregister.com/2025/08/18/asia_tech_news_in_brief/
[4] https://www.theregister.com/2025/06/30/norwegian_lotto_error/
[5] https://www.theregister.com/2025/04/22/ssl_com_validation_flaw/
[6] https://www.theregister.com/2024/12/07/digital_isle_2024/
[7] https://www.theregister.com/2023/09/11/mgm_resorts_cybersecurity_incident/
[8] https://www.theregister.com/2023/10/06/mgm_resorts_cyberattack_cost/
[9] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2aKSfmt7OWsXPNMCfV7LKBAAAAQg&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[10] https://whitepapers.theregister.com/
MGM Resorts shuts down website, computer systems after 'cybersecurity incident' [1]READ MORE
The Toronto-based firm, which pumps out online casino and sportsbook tech for operators across Europe and North America, [2]said it discovered the attack early on Saturday, August 16. Within hours, it claims, the company had wheeled in outside security muscle and was "following industry protocols" to contain the intrusion.
According to Bragg, the compromise was restricted to its internal IT plumbing. No gaming services went down, nobody lost access to their accounts, and, at least according to early forensics, no personally identifiable information was rifled through. The company says it still has full access to its own data and continues to operate normally.
That all sounds reassuring, but the statement left a thicket of unanswered questions. Bragg hasn't said how the attackers broke in, whether they got away with anything before being caught, or if the incident involved the tedious specter of ransomware. It's also not yet known who is behind the intrusion, which has not yet been claimed by any of the big-name online crime groups.
We put those questions directly to Bragg, but the company has yet to respond.
[3]Google admits anticompetitive conduct in Australia, agrees to modest fine
[4]Norwegian lotto mistakenly told thousands they were filthy rich after math error
[5]Bug hunter tricked SSL.com into issuing cert for Alibaba Cloud domain in 5 steps
[6]Digital Isle of Man: For all your connected tax haven needs?
Gambling companies are a regular target for extortion crews thanks to their reliance on 24/7 uptime and large volumes of personal and financial data. Casino giant MGM Resorts learned that the hard way last year when [7]ransomware shut down slot machines , room keys, and even its car parks in Las Vegas, [8]ultimately costing the firm more than $100 million .
Bragg insists it's not facing anything of that magnitude. Still, if attackers were able to wriggle into its internal environment, questions remain about how long they were inside, what they were after, and why its own defenses didn't stop them sooner.
[9]
For now, Bragg claims that operations continue as usual, customers are unaffected, and the clean-up is in expert hands. But until the company offers more than boilerplate assurances, customers will be left wondering whether this is the harmless hand it claims – or whether the house is keeping a few cards face-down. ®
Get our [10]Tech Resources
[1] https://www.theregister.com/2023/09/11/mgm_resorts_cybersecurity_incident/
[2] https://investors.bragg.group/pr/news-details/2025/Bragg-Gaming-Group-Announces-Cyber-Security-Incident/default.aspx
[3] https://www.theregister.com/2025/08/18/asia_tech_news_in_brief/
[4] https://www.theregister.com/2025/06/30/norwegian_lotto_error/
[5] https://www.theregister.com/2025/04/22/ssl_com_validation_flaw/
[6] https://www.theregister.com/2024/12/07/digital_isle_2024/
[7] https://www.theregister.com/2023/09/11/mgm_resorts_cybersecurity_incident/
[8] https://www.theregister.com/2023/10/06/mgm_resorts_cyberattack_cost/
[9] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2aKSfmt7OWsXPNMCfV7LKBAAAAQg&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[10] https://whitepapers.theregister.com/