SBTech-powered sites have been down for more than 72 hours as the platform provider deals with a cybersecurity threat.
SBTech first its informed customers, including the Oregon Lottery, BetAmerica, Golden Nugget and Resorts, late on Friday night.
On Monday, SBTech confirmed to partners it had been the target of an attempted ransomware attack, but no customer data had been taken.
The company said it had engaged with 3rd party cyber security experts and law enforcement agencies on an urgent investigation into the incident.
SBTech-powered sites, like BetAmerica, still show this message.
When will SBTech sites and sportsbooks be live again?
Following the closures, SBTech will need clearance from regulators before it is able to relaunch its US servers.
The New Jersey Division of Gaming Enforcement said in a statement: “We will review and confirm that SB Tech’s operating systems satisfy all of the Division’s performance standards prior to resuming operations.”
SBTech has a presence, via partners, in six US states:
- New Jersey
- Pennsylvania
- Indiana
- Oregon
- Mississippi
- Arkansas
Not ideal preparation for DraftKings merger
The attempted cyberattack comes just weeks before DraftKings’ acquisition of SBTech is expected to close. Sources close to the situation suggested the impending merger could feasibly have prompted the attack.
Otherwise, it’s a strange time for a cyberattack on a sportsbook-led company, with most sports currently canceled.
Who has been hit the hardest?
BetAmerica is likely the worst-affected of SBTech’s US partners, as it uses the entire SBTech platform, including the online casino. The Oregon Lottery Scoreboard product is also completely out of action. On the other hand, Golden Nugget and Resorts only take the SBTech sportsbook, so they still have a functioning online casino product.
It’s still unclear how operators will be compensated for the downtime, although they could be in line for service credits.
The Oregon Lottery specifically is not covered for compensation if the platform is hit with a DDOS attack, but the length of the outage suggests it was another type of cybercrime.
Ransomware attack?
Geraint Williams, chief information security officer at IT services firm GRCI Group, said the incident had the hallmarks of a ransomware attack, where hackers attempt to steal company data and code.
“Companies of this size usually have the resources and back-up servers to resume services relatively quickly if its a DDOS attack. Whereas if its a ransomware attack, it can take quite a bit of time to restore systems and make sure they are clean,” Williams said.
The hacking group Maze carried out a number of ransomware attacks last week, with targets including Curacao-licensed online sportsbook BetUS, cybersecurity insurance firm Chubb, and the French firm Bouygues Construction.