Casino giant Caesars Entertainment officially confirmed that it suffered a data breach that may have resulted in the exposure of sensitive information, including data from its loyalty program database. The company disclosed that hackers gained access to details, such as driver's license numbers, and potentially Social Security numbers, affecting a substantial number of members within the database.
The security incident that took place on September 7 originated from a "social engineering attack" targeting the company's outsourced IT support vendor, the company informed the federal Securities and Exchange Commission. The company noted its casino and online operations were not disrupted.
"We have incurred, and may continue to incur, certain expenses related to this attack, including expenses to respond to, remediate, and investigate this matter," Caesars said in its latest regulatory filing, as reported by Reuters. The Wall Street Journal on Thursday reported that the company paid approximately half of a $30 million ransom demanded by the hackers.
Caesars is currently conducting an investigation into the extent of the data leak. The Reno-headquartered company said there is no evidence indicating that member passwords, PINs, bank account information, or payment card details were accessed.
Meanwhile, MGM Resorts International, another casino group that is believed to have also been targeted by the same group of attackers, continues to grapple with the aftermath of a cybersecurity issue. The incident caused significant disruption across its casinos in the United States, impacting the company's websites, reservation system, and certain slot machines. The FBI is currently investigating the incident.
As of Thursday, some of MGM Resorts' computer systems, including those responsible for hotel reservations and payroll, remained offline, WJTV reports. However, company spokesman Brian Ahern gave assurances that the firm's 75,000 employees in the United States and around the world are expected to receive their salaries on schedule, the report said.
Earlier this week, it was reported that both breaches were allegedly carried out by a group of cyber attackers known by the name "Scattered Spider". Also known as UNC3944, the cybercriminal group is composed of hackers primarily based in the United States and the United Kingdom, Bloomberg reported, citing a cybersecurity researcher familiar with the group.
The hackers include individuals as young as 19 years old. Scattered Spider has a track record of targeting telecommunications and business process outsourcing companies, employing techniques such as SIM swaps of phone numbers to execute phishing attacks, steal data, and extort ransoms.
The group claimed responsibility on Thursday and said it took six terabytes of data from the systems of MGM and Caesars as both companies probed the breaches. Speaking to Reuters via the messaging platform Telegram, a representative for the group said it did not plan to make the data public.