Fast Facts

• Encore Leisure Group, founded by Dale Folmar and Jacques James, recently appeared on a ransomware leak site.
• The attack was publicized via Ransomfeed, a well-known ransomware information aggregator.
• Ransomware attacks against leisure and hospitality companies have surged in recent years.
• Such attacks often threaten to leak sensitive customer and business data unless a ransom is paid.

Ransomware’s Relentless Rhythm

Picture a bustling leisure complex: families at play, staff bustling, music in the air - until one morning, the screens go dark, and a single chilling message appears. Encore Leisure Group, a company built to provide escapism and entertainment, has become the latest stage for a grim cyber drama.

According to Ransomfeed, Encore Leisure Group’s name recently surfaced on a ransomware leak site - a public “wall of shame” used by cybercriminals to pressure victims. The company, founded by Dale Folmar and Jacques James, joins a swelling list of leisure and hospitality firms targeted by digital extortionists. While details are still emerging, the attack follows a familiar pattern: attackers breach the company’s systems, encrypt vital files, then demand payment for their release, with the added threat of exposing sensitive data if ignored.

Why Leisure? The Sector’s Hidden Vulnerabilities

Leisure and hospitality companies are increasingly in hackers’ crosshairs. With sprawling networks, legacy systems, and a treasure trove of customer data, these businesses are like unlocked amusement parks for cybercriminals. In 2023, the MGM Resorts breach shut down slot machines and front desks, costing the company millions. Similar attacks on smaller groups, like Encore, often fly under the radar but can be equally devastating - paralyzing operations and damaging reputations.

Ransomware gangs, such as LockBit and BlackCat, have refined their playbook: after sneaking in (often via phishing emails or vulnerable software), they move laterally through company systems, quietly collecting files before “locking” them. Think of it as a digital heist where the burglars not only steal but also barricade the vault behind them.

Wider Impacts: Data, Dollars, and Disruption

While the ransom sums demanded often make headlines, the hidden costs - operational shutdowns, lost trust, and regulatory fines - can linger far longer. For companies like Encore, customer data exposure is a ticking time bomb, potentially leading to identity theft or fraud for innocent patrons.

Experts warn that the leisure sector’s rush to digitalize (think online bookings, cashless payments) has outpaced its investment in cybersecurity. Until that changes, ransomware actors will keep returning for an encore.

WIKICROOK

• Ransomware: Ransomware is malicious software that encrypts or locks data, demanding payment from victims to restore access to their files or systems.
• Leak Site: A leak site is a website where cybercriminals post or threaten to post stolen data to pressure victims into paying a ransom.
• Lateral Movement: Lateral movement is when attackers, after breaching a network, move sideways to access more systems or sensitive data, expanding their control and reach.
• Phishing: Phishing is a cybercrime where attackers send fake messages to trick users into revealing sensitive data or clicking malicious links.
• Legacy Systems: Legacy systems are outdated computer hardware or software still in use, often lacking modern security protections and posing cybersecurity risks.