UNITED STATES
SECURITIES AND EXCHANGE COMMISSION
Washington, D.C. 20549
FORM
CURRENT REPORT
Pursuant to Section 13 or Section 15(d) of the Securities Exchange Act of 1934
Date
of Report (Date of earliest event reported):
(Exact name of registrant as specified in its charter)
(State or other jurisdiction of incorporation) |
(Commission File Number) |
(IRS Employer Identification No.) |
| (Address of principal executive offices) | (Zip Code) |
Registrant’s
telephone number, including area code:
(Former name or former address, if changed since last report)
Check the appropriate box below if the Form 8-K filing is intended to simultaneously satisfy the filing obligation to the registrant under any of the following provisions:
| Written communications pursuant to Rule 425 under the Securities Act (17 CFR 230.425) | |
| Soliciting material pursuant to Rule 14a-12 under the Exchange Act (17 CFR 240.14a-12) | |
| Pre-commencement communications pursuant to Rule 14d-2(b) under the Exchange Act (17 CFR 240.14d-2(b)) | |
| Pre-commencement communications pursuant to Rule 13e-4(c) under the Exchange Act (17 CFR 240.13e-4(c)) |
Securities registered pursuant to Section 12(b) of the Act:
| Title of each class | Trading Symbol(s) | Name of each exchange on which registered | ||
| The
|
Indicate by check mark whether the registrant is an emerging growth company as defined in as defined in Rule 405 of the Securities Act of 1933 (§230.405 of this chapter) or Rule 12b-2 of the Securities Exchange Act of 1934 (§240.12b-2 of this chapter).
Emerging
growth company
If an emerging growth company, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 13(a) of the Exchange Act. ☐
Item 8.01 Other Events
On November 8, 2023, Inspired Entertainment, Inc. (the “Company”) detected a ransomware attack on its information technology (“IT”) systems. The attack impacted and disrupted certain of the Company’s corporate IT systems but did not impact any product systems. As part of its cyber security, by design and physical separation, the product systems were separated from the corporate systems and therefore protected from attack. The Company promptly initiated previously established response protocols that included deploying containment measures involving shutting down certain internal systems as a precautionary measure. The affected IT systems have now been substantially restored to full operational capabilities.
Upon detecting and containing the incident, the Company launched an investigation and engaged the services of cybersecurity experts and advisors, incident response professionals (inclusive of a forensic vendor), and external counsel to assist the investigation and recovery. The Company has notified relevant law enforcement and regulators of the incident.
In addition to the disruption to certain of its IT systems, the Company became aware on November 15, 2023, that Company data (including in the form of personal data) had been exfiltrated. The Company continues to work diligently to investigate this cybersecurity incident, including to quantify and assess the scope of the data accessed / exfiltrated. The Company will assess all relevant legal obligations and will offer appropriate mitigations, e.g., identity / credit monitoring, where deemed necessary.
Based on information available to date, the Company does not believe the incident will have a material impact on its financial results of operations. The Company is continuing to monitor the effects of this cybersecurity incident. Since detection of the incident, the Company has implemented additional and enhanced measures to reinforce the security of its information technology systems.
The Company maintains insurance, including cybersecurity insurance, which the Company believes is commensurate with its size and the nature of its operations. However, the Company has incurred, and may incur in the future, expenses and losses related to this incident that are not covered by insurance.
Cautionary Note Regarding Forward Looking Statements:
This Current Report on Form 8-K contains forward-looking statements within the meaning of the Private Securities Litigation Reform Act of 1995. These statements can be identified by the use of forward-looking terminology such as “expects,” “believes,” “estimates,” “projects,” “intends,” “plans,” “seeks,” “may,” “will,” “should” or “anticipates” or the negative or other variations of these or similar words. Although the Company believes that its expectations are based on reasonable assumptions within the bounds of the Company’s knowledge of its business, there can be no assurance that actual results, including the impact of the ransomware attack, will not differ materially from its expectations. These statements include, but are not limited to, express or implied forward-looking statements relating to the Company’s expectations regarding its ability to contain and assess the ransomware attack and the impact of the ransomware attack on the Company’s customers and the Company’s business, operations or financial results. These statements are neither promises nor guarantees, but are subject to a variety of risks and uncertainties, many of which are beyond the Company’s control, which could cause actual results to differ materially from those contemplated in these forward-looking statements. Factors that could cause actual results to differ materially from those expressed or implied include the ongoing assessment of the ransomware attack, legal, reputational and financial risks resulting from the ransomware attack or additional cyberattacks, the effectiveness of business continuity plans during a ransomware attack, and the other factors discussed in the Company’s most recent Annual Report on Form 10-K, Quarterly Report on Form 10-Q and other filings with the Securities and Exchange Commission, including its Current Reports on Form 8-K. These forward-looking statements speak only as of the dates of the relevant reports or as of the date to which they refer.
Meaningful factors that could cause actual results to differ from expectations include, but are not limited to, the ongoing assessment of the ransomware attack, legal, reputational and financial risks resulting from additional cyberattacks, including ransomware attacks, and the effectiveness of business continuity plans during the ransomware attack. The Company does not intend to update publicly any forward-looking statements, except as required by law. In light of these risks, uncertainties and assumptions, the forward-looking events discussed in this Current Report on Form 8-K may not occur.
SIGNATURES
Pursuant to the requirements of the Securities Exchange Act of 1934, the registrant has caused this report to be signed on its behalf by the undersigned hereunto duly authorized.
| November 21, 2023 | Inspired Entertainment, Inc. | |
| By: | /s/ Carys Damon | |
| Name: | Carys Damon | |
| Title: | General Counsel | |