Cybersecurity attacks disrupt tribal casinos in Minnesota and Michigan
Ransomware attacks have struck tribal casinos in Minnesota and Michigan, forcing closures and disrupting operations. These incidents highlight the vulnerability of the $41.9bn tribal gaming industry, which stores substantial amounts of customer financial data, making it a prime target for cybercriminals.
In Minnesota, the Lower Sioux Indian Community confirmed that its Jackpot Junction Casino was hit by ransomware on 2 April, affecting its operating systems and other tribal businesses. As of 10 April, slot machines and kiosks remained offline, while table games were operational. Bingo games were cancelled indefinitely, according to a notice on the casino’s website.
The cybercriminal group RansomHub claimed responsibility for the attack, though it remains unclear whether they attempted to extort a ransom for stolen data. In a statement, the tribe assured patrons they were “working to return to normal operations as quickly and as securely as possible.”
The disruption mirrors a similar incident in Michigan earlier this year when RansomHub targeted the Sault Ste. Marie Tribe of Chippewa Indians. The attack forced the closure of all five of the tribe’s casinos for over a week and impacted tribal government and health services. Sault Tribe chairman Austin Lowes apologised for the inconvenience caused and confirmed that the tribe had strengthened its IT systems as a result.
Lowes revealed that the tribe refused to pay RansomHub’s ransom demand, stating, “We could have paid their ransom and still had our data shared on the dark web.” He added that most data was recovered without payment, though he declined to disclose the ransom amount demanded by the hackers.
Over recent years, ransomware groups have extracted hundreds of millions of dollars from North American tribal and commercial casinos through stolen player data, operational disruptions, and financial losses. The National Indian Gaming Commission has since urged tribes to develop stringent cybersecurity practices to safeguard their operations.
California cardrooms weigh cybersecurity regulations
While tribal casinos grapple with ransomware threats, California regulators are exploring ways to bolster cybersecurity for commercial cardrooms. Lisa Wardall, executive director of the California Gambling Control Commission (CGCC), stated that current efforts are focused on education rather than mandates.
“This project was done to gather some preliminary research on the current practices employed within cardrooms along the lines of cybersecurity,” Wardall explained. She emphasised that no current regulations require cardrooms to report cyberattacks or review their security policies under California law.
Fred Castano, CGCC spokesman, noted that no cyberattacks have been reported by California’s 80 licensed cardrooms operating over 2,190 tables. However, a proposal drafted by the Gaming Policy Advisory Committee (GPAC) recommends measures such as regular software updates, multi-factor authentication (MFA), employee training on cybersecurity threats, and disaster recovery planning.
GPAC also suggested consulting cybersecurity experts for audits and implementing anti-virus software to ensure business continuity in case of attacks. Michael Koniski, general manager of Artichoke Joe’s Casino and GPAC member, highlighted concerns about costs for smaller cardrooms: “Protections on average could cost $100,000 to $200,000 and up to $500,000… if regulators were to mandate such a requirement it may be very expensive for smaller properties.”
Despite these challenges, Koniski stressed the importance of protecting all businesses in the industry: “I think we are here to protect the entire industry.”
The growing cost of cybersecurity in gaming
Ransomware attacks are becoming an increasingly expensive problem for tribal and commercial casinos alike. Since 2020, tribes in Idaho, Oklahoma, and New Mexico have been forced to temporarily close operations following similar incidents. These disruptions not only impact revenue but also erode trust among patrons who expect their sensitive information to be safeguarded.
For smaller gaming establishments like Tier One cardrooms in California, operating just one to five tables, the financial burden of implementing robust cybersecurity measures can be daunting.
However, experts agree that proactive investments in IT security are far less costly than recovering from a major breach.
As ransomware groups continue targeting vulnerable networks across North America’s gaming industry, both tribal nations and regulators face mounting pressure to adapt their security protocols swiftly. Whether through educational initiatives or regulatory mandates, strengthening cybersecurity is no longer optional, it’s essential for survival in today’s digital landscape.
The stakes couldn’t be higher: safeguarding customer trust while ensuring uninterrupted operations is critical for maintaining competitiveness in the increasingly tech-driven world of gaming.
