2023-11-21 Inspired Entertainment, Inc. Cybersecurity Incident

Page last updated on April 11, 2024

Inspired Entertainment, Inc. initially disclosed a cybersecurity incident in an SEC 8-K filing on 2023-11-21 16:51:53 EST.

Incident Details

Material: Unknown
Is Breach: Unknown
Records Compromised: Unknown
Data Types Impacted: No Data Types Tracked (yet)

Compromised Date:
Detected Date:
Disclosure Date: 2023-11-21
Contained Date:
Recovered Date:

Attack Goal: Unknown

Costs: No Costs Tracked (yet)

Filings

8-K filed on 2023-11-21

Inspired Entertainment, Inc. filed an 8-K at 2023-11-21 16:51:53 EST
Accession Number: 0001493152-23-042355

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 8.01 Other Events

On
November 8, 2023, Inspired Entertainment, Inc. (the “Company”) detected a ransomware attack on its information technology
(“IT”) systems. The attack impacted and disrupted certain of the Company’s corporate IT systems but did not
impact any product systems. As part of its cyber security, by design and physical separation, the product systems were separated from
the corporate systems and therefore protected from attack. The Company promptly initiated previously established response protocols
that included deploying containment measures involving shutting down certain internal systems as a precautionary measure. The
affected IT systems have now been substantially restored to full operational capabilities.

Upon
detecting and containing the incident, the Company
launched an investigation and engaged the services of cybersecurity experts and advisors, incident response professionals (inclusive
of a forensic vendor), and external counsel to assist the investigation and recovery. The Company has notified relevant
law enforcement and regulators of the incident.

In
addition to the disruption to certain of its IT systems, the Company became aware on November 15, 2023, that Company data (including
in the form of personal data) had been exfiltrated. The Company continues to work diligently to investigate this cybersecurity incident,
including to quantify and assess the scope of the data accessed / exfiltrated. The Company will assess all relevant legal obligations
and will offer appropriate mitigations, e.g., identity / credit monitoring, where deemed necessary.

Based
on information available to date, the Company does not believe the incident will have a material impact on its financial results of operations.
The Company is continuing to monitor the effects of this cybersecurity incident. Since detection of the incident, the Company has implemented
additional and enhanced measures to reinforce the security of its information technology systems.

The
Company maintains insurance, including cybersecurity insurance, which the Company believes is commensurate with its size and the nature
of its operations. However, the Company has incurred, and may incur in the future, expenses and losses related to this incident that
are not covered by insurance.

Cautionary
Note Regarding Forward Looking Statements:

This
Current Report on Form 8-K contains forward-looking statements within the meaning of the Private Securities Litigation Reform Act of
1995. These statements can be identified by the use of forward-looking terminology such as “expects,” “believes,”
“estimates,” “projects,” “intends,” “plans,” “seeks,” “may,”
“will,” “should” or “anticipates” or the negative or other variations of these or similar words.
Although the Company believes that its expectations are based on reasonable assumptions within the bounds of the Company’s knowledge
of its business, there can be no assurance that actual results, including the impact of the ransomware attack, will not differ materially
from its expectations. These statements include, but are not limited to, express or implied forward-looking statements relating to the
Company’s expectations regarding its ability to contain and assess the ransomware attack and the impact of the ransomware attack
on the Company’s customers and the Company’s business, operations or financial results. These statements are neither promises
nor guarantees, but are subject to a variety of risks and uncertainties, many of which are beyond the Company’s control, which
could cause actual results to differ materially from those contemplated in these forward-looking statements. Factors that could cause
actual results to differ materially from those expressed or implied include the ongoing assessment of the ransomware attack, legal, reputational
and financial risks resulting from the ransomware attack or additional cyberattacks, the effectiveness of business continuity plans during
a ransomware attack, and the other factors discussed in the Company’s most recent Annual Report on Form 10-K, Quarterly Report
on Form 10-Q and other filings with the Securities and Exchange Commission, including its Current Reports on Form 8-K. These forward-looking
statements speak only as of the dates of the relevant reports or as of the date to which they refer.

Meaningful
factors that could cause actual results to differ from expectations include, but are not limited to, the ongoing assessment of the ransomware
attack, legal, reputational and financial risks resulting from additional cyberattacks, including ransomware attacks, and the effectiveness
of business continuity plans during the ransomware attack. The Company does not intend to update publicly any forward-looking statements,
except as required by law. In light of these risks, uncertainties and assumptions, the forward-looking events discussed in this Current
Report on Form 8-K may not occur.

Company Information