Casino sues Singtel-owned TrustWave over data breach report

US casino Affinity Gaming has sued security firm TrustWave, accusing it of lying when telling the casino it had “contained” a data breach.

Affinity Gaming filed its claim in a Las Vegas federal court last week, seeking damages for a breach that occurred after it hired TrustWave in 2013 to investigate an earlier breach.

The casino claimed it was assured by TrustWave the threat had been “contained” but later discovered was not, forcing it to hire security consultancy, Mandiant, which has since been acquired by FireEye.

The casino claims that it has suffered financial losses and attracted scrutiny from gaming and consumer regulators due to breach, which it blames on alleged misrepresentations by TrustWave.

TrustWave is owned by Optus’ parent, Singapore headquartered Singtel, however the disputed transactions occurred prior to its $810m acquisition of TrustWave last year.

Affinity Gaming is attempting to shift liability for the breach on to TrustWave after filing a claim over the breach on its cyber insurer, which had listed TrustWave on its panel of Payment Card Industry data forensics investigators.

The casino argued that while it did take measures to ensure its IT systems were secure, it lacked the knowledge of a specialist IT security firm like TrustWave and thus claimed it was “wholly depend on, and subordinate in terms of its knowledge, understanding, and capabilities, to Trustwave”, relying on it to “prescribe appropriate measures” it should take in response to the earlier breach.

The casino says its initial breach was discovered after local police contacted it regarding credit card fraud and suggested its computer network may have been compromised. Affinity Gaming accused TrustWave of delivering a “woefully inadequate” investigation and report.

It claimed that during a two month engagement TrustWave only inspected 10 servers, physical security and network topology, after which TrustWave reported the breach had been contained and deemed a discovered backdoor “inert”.

Penetration testers from Ernst & Young subsequently discovered the casino was infected with malware known as “Framnepkg.exe”, which TrustWave claimed to have found and contain. That’s when it hired Mandiant.

“Mandiant’s investigation initially focused on a period of attacker activity between December 6, 2013 and April 27, 2014. The scope of the investigation expanded to include the “previous” data breach that had occurred between March and October, 2013 – the data breach Trustwave supposedly had investigated – after Mandiant determined that Trustwave had failed to identify the entire extent of the breach,” the suit reads.

TrustWave told the Financial Times it had done nothing wrong. “We dispute and disagree with the allegations in the lawsuit and we will defend ourselves vigorously in court.”


Participate in CSO and Gigamon's survey on Security Priorities today!

Go into the draw for a chance to win an Apple iWatch Sports or the equivalent of $500 Visa Cashcard.

For full terms and conditions click here.

Start survey NOW!

Join the CSO newsletter!

Error: Please check your email address.

Tags trustwaveLas VegasAffinityCasinodata breach report

More about AffinityAppleCSOErnst & YoungFireEyeGigamonOptusSingtelTrustwaveVisa

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Liam Tung

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place