Saskatchewan Liquor and Gaming Authority cyberattack – group claims responsibility

Threat actors claim to have stolen one and a half terabytes worth of sensitive data

Saskatchewan Liquor and Gaming Authority cyberattack – group claims responsibility

Cyber

By

A hacking group has come forward, claiming responsibility for the cyber incident that affected the Saskatchewan Liquor and Gaming Authority (SLGA) on Christmas Day.

A man who calls himself “Jason Walmart” reached out to the media to confirm that he is part of an organization that hacked the SLGA late last year.

“We downloaded all the private and sensitive information,” Walmart told CBC News in a phone call. “We got one-and-a-half terabytes of their confidential data.”

Walmart also said that he chose to contact the broadcasting station because the province of Saskatchewan refused to negotiate.

“We tried to reach the company to provide them this information and to start negotiations. They said they don’t care about the problem,” the self-proclaimed hacker said.

Not long after CBC News spoke with Walmart, another individual going by the name “Dr. Clement Goyette” sent the news outlet a link to an “evidence pack” of files. The pack allegedly contains over 500 MB of what appears to be SLGA’s internal documents, which include bank records, budgets, contracts, employee data, and supplier agreements.

SLGA is the main distributor and sole licensing agent for the sale of alcohol in Saskatchewan. In December 28, 2021, it revealed that it had suffered a cyberattack on Christmas Day. In a previous statement, the authority said that it did not have any evidence that information pertaining to customers, employees, or other personal data had been misused.

It was only very recently, on March 22, that the SLGA posted an update on the cyberattack incident. In a statement on its website, SLGA said that it now believes that personal information of its regulatory clients “may have been accessed or taken by an unauthorized third party.”

In an email statement to CBC News, SLGA said that it had contacted employees both current and former shortly after the cyber incidents, warning them that their data may have been compromised. It also said that it had immediately offered credit monitoring services to its employees.

CBC News also conducted its own investigation into the leaked files, and reached out to two suppliers affiliated with the SLGA whose information was part of the leak. Both of the suppliers’ credit card information had been compromised through the leak, and they both pointed out that the SLGA failed to properly notify them of the breach.

“I’m pretty livid,” one of the suppliers said. “I’m disappointed in the lack of transparency. I feel like they were not totally upfront about the severity of the breach.”

That supplier – whose name has been withheld due to concerns about the potential negative effects the hack may have on their business – was also not impressed with the way the SLGA handled the notification through a post on its website.

“I don’t care what they put on their website. They should be contacting people directly,” the supplier said. “They want to cover their ass now.”

Related Stories

Keep up with the latest news and events

Join our mailing list, it’s free!