International Game Technology (IGT), a leading operator of slot machines and gaming technology, has disclosed a significant cybersecurity incident to the U.S. Securities and Exchange Commission (SEC). The company, known for its prominent role in casinos worldwide, reported that an unauthorised third party gained access to certain of its systems on Sunday 17th November, leading to disruptions in portions of its internal information technology infrastructure.
The breach, which came to light on November 19, 2024, has prompted IGT to activate its cybersecurity incident response plan. The company has launched a thorough investigation with the support of external cybersecurity experts to assess the full extent of the breach and its potential impact on operations.
While the specific details of the compromised data remain undisclosed, the incident has resulted in disruptions to parts of IGT's IT systems and applications. This could potentially lead to interruptions in normal business operations, a concern for a company that manages critical infrastructure for online casinos, lotteries, and digital sports betting across multiple continents.
IGT's Chief Information Security Officer (CISO), Kevin DeLange, has previously highlighted the company's vulnerability to cyber threats due to the high-value nature of its operations. "When you have lottery jackpots that can exceed the GDP of some countries, it would be naïve to think that attackers wouldn't view that as something worth time and effort going after," DeLange stated in an earlier interview.
The company is actively working to mitigate the impact of the breach and has implemented measures to protect its systems. IGT has emphasised its commitment to maintaining open lines of communication with stakeholders, customers, and regulatory bodies throughout this process.
This incident underscores the growing trend of cyber threats targeting high-profile gaming and gambling companies, sectors often perceived as lucrative targets for cybercriminals. It serves as a stark reminder of the critical importance of robust cybersecurity measures in an industry that handles sensitive financial data and operates across global jurisdictions.
As the investigation unfolds, industry observers and cybersecurity experts will be closely monitoring the situation for any potential ripple effects across the gaming sector. The incident at IGT may prompt other companies in the industry to reassess and strengthen their own cybersecurity protocols.
For now, IGT continues its efforts to restore affected systems and minimise disruptions to its operations. The company has not yet provided an estimate of when full functionality will be restored or the potential financial impact of the breach.
Copy Below of the IGT SEC filing: