A criminal group named RansomHub has allegedly attacked the Jackpot Junction Casino Hotel in Morton, Minnesota. The group claimed responsibility for the attack by posting a message on the dark web, according to three websites that track cyber gangs.
Casino guests first began experiencing issues such as non-working phones, canceled bingo nights and trouble changing reservations. These problems worsened over time.
Slot machines stopped working, and the casino had to take some systems offline after discovering unauthorized access. Robert “Deuce” Larsen, the community council president who oversees the casino, said they are collaborating with third-party experts to restore all systems.
The Lower Sioux Indian Community operates the casino. They're providing updates on the situation via the casino's Facebook page.

Despite the outages, the bar, restaurants and game tables have remained open. The Jackpot Junction Casino Hotel covers 46,000 square feet and has more than 1,000 slot machines.
Alleged Ransom Demands
According to Paul Bischoff, Consumer Privacy Advocate at Comparitech, RansomHub allegedly gave the casino a month to pay an unspecified ransom. It remains unclear if the attackers compromised personal data, if the casino paid the ransom, how much money RansomHub demanded or how they hacked into the casino's network.
Since its inception, RansomHub has claimed responsibility for 129 verified ransomware attacks and an additional 637 attacks that the targeted organizations have not confirmed.
In 2023, RansomHub claimed responsibility for 19 verified attacks and 205 unverified ones, targeting entities such as Access Financial Services in Jamaica, the Hungarian National Museum, and Whitman Hospital and Medical Clinics in the United States.
Casinos as Attractive Ransomware Targets
Cybercriminals often carry out ransomware attacks by locking an organization's or individual's data and demanding money to unlock it. These attacks can seriously disrupt operations, cause financial losses and expose sensitive information if stolen.

Casinos handle a wealth of sensitive data, including customer financial transactions, personal details and regulatory records — making them especially attractive targets for ransomware. The combination of potential vulnerabilities and valuable data presents lucrative opportunities for criminals to exploit weaknesses and demand payment.
A data breach at MGM Resorts in Las Vegas in 2023 shut down slot machines and leaked customer data. One of the most recent attacks occurred in Michigan.
Overview of the Lower Sioux Indian Community in Minnesota
The Lower Sioux Indian Community is a federally recognized tribe in south-central Minnesota, about two miles south of Morton in Redwood County. The Community Center is located on the southern bluffs of the Minnesota River Valley.
Approximately 145 families live on 1,743 acres of tribal land. The tribe has a total population of 982 people who reside within a 10-mile service area and beyond.
After treaties were signed with the United States in 1851, the band and homeland became known as "Lower Sioux." However, members of the Lower Sioux Indian Community belong to the Mdewakanton Band of Dakota.
Cybersecurity and Casinos Go Hand-in-Hand
The attack on Jackpot Junction Casino Hotel highlights the urgent need for robust cybersecurity measures in organizations that handle sensitive data. While the casino continues to operate despite the disruptions, this incident serves as a stark reminder of the growing threat posed by cybercriminals.
As businesses increasingly rely on digital infrastructure, investing in advanced security solutions is crucial to protect against unauthorized access and potential financial and reputational damage. Strengthening cybersecurity defenses is not only essential for safeguarding data but also for maintaining customer trust and ensuring uninterrupted operations.