Boyd Gaming reports Valley Forge fine, confirms operations unaffected by cybersecurity breach

Boyd Gaming Corp. disclosed a cybersecurity breach and a $30,000 regulatory fine at Valley Forge Casino but said neither development is expected to affect its business operations or financial condition.

In a filing with the Securities and Exchange Commission (SEC), the company reported that an unauthorized third party accessed its internal IT systems. Boyd said Valley Forge Casino in Pennsylvania was not impacted by the incident.

According to the filing, “the cybersecurity incident has had no impact on the company’s properties or business operations.” The company determined that the intruder removed certain data, including employee information and records on a limited number of other individuals. Boyd has notified affected individuals, but did not specify the identity of the other parties.

SEC filing

Boyd said it took immediate steps once the breach was detected. “Upon detecting the incident, the company promptly took steps to respond to the incident with the assistance of leading external cybersecurity experts and in cooperation with federal law enforcement authorities,” the filing stated.

The company said the breach is not expected to affect its financial condition or results of operations.

“As of the date of this filing, the company believes that the incident will not have a material adverse effect on the company’s financial condition or results of operations,” Boyd said.

The filing also noted that Boyd maintains cybersecurity insurance expected to cover costs linked to incident response, forensic review, business interruptions, litigation, and potential regulatory fines, subject to policy limits and deductibles.

Valley Forge casino fine

In a separate matter, the Pennsylvania Gaming Control Board (PGCB) issued a $30,000 fine against Valley Forge Casino. The property operates under Boyd’s ownership and is part of the company’s Boyd Rewards program.

The PGCB said that in November 2024, a 13-year-old entered the gaming floor using his father’s license and stayed for six hours, including more than three hours spent playing slot machines.

The following day, the minor and his father attempted to re-enter but were stopped by security. Valley Forge accepted the PGCB’s consent agreement.

According to the casino, additional coaching and training for staff have been introduced to prevent similar incidents. It also said it is offering cash incentives to security employees tasked with identifying underage individuals attempting to access the gaming floor.