Kewadin Casino Hackers Send Letter to Local Newspaper

There's been more news in the Kewadin Casino hacking case in Michigan. 

After about two weeks following a ransomware attack, Michigan’s Sault Ste. Marie Tribe will begin opening its Kewadin Casinos.

But there’s a bit of a twist—the attackers wrote a letter to a local newspaper, The Sault Tribe Guardian, explaining the situation. 

“To be clear, we had no intention of harming the Tribe – our motives are purely financial,” the hackers said. “This incident could have been resolved within a few days following the attack.”

Ransom Speculative 

It’s unclear whether the tribe paid the ransom or was able to regain access through its own cybersecurity experts. 

According to the letter the hackers sent, they made “multiple attempts” to contact the tribe, leaving voicemails, internal network messages, and emails. 

They also said the reported $5 million was “purely speculative, as no negotiations have taken place.” 

The attacks claimed they gained access to 100 gigabytes of data, which amounted to about 500k files. 

RansomHub Involved?

It’s worth noting that the letter was signed as “hackers,” but DataBreachers.net reported that the global hacking group RansomHub was involved as per a post on the Dark Web. 

There have been about 500 RansomHub victims reported.

They use a “double-extortion model.” This involves extorting victims by stealing data, encrypting systems, and demanding payment. 

Services Restored 

The Kewadin Casinos cover five locations: Sault Ste. Marie, St. Ignace, Christmas, Hessel, and Manistique.

The attack originated on Feb. 9. 

The services impacted included healthcare and more, prompting temporary phone numbers. 

Now, the casino properties will begin reopening throughout Wednesday, Feb. 26. 

“All casino hotels, restaurants, and entertainment will resume their normal business hours when the casino reopens,” the release stated. “Phone lines are open and ready to be answered.”