Caesars Confirms 'Sin-City Cyber-Attack': Member Database Stolen, Including "Social Security Numbers"

Tyler Durden's Photo
by Tyler Durden
Thursday, Sep 14, 2023 - 03:10 PM

Update (1110ET):

Caesars Entertainment confirmed the cyberattack via a regulatory 8-K filing: 

Caesars Entertainment, Inc. recently identified suspicious activity in its information technology network resulting from a social engineering attack on an outsourced IT support vendor used by the Company. Our customer-facing operations, including our physical properties and our online and mobile gaming applications, have not been impacted by this incident and continue without disruption.

Caesars worked with cybersecurity firms and contacted law enforcement and state gaming regulators about the cyber issues. The attack supposedly started on Aug. 27, but it wasn't until Sept. 7 when Caesars "determined that the unauthorized actor acquired a copy of, among other data, our loyalty program database, which includes driver's license numbers and/or social security numbers for a significant number of members in the database." 

"We are still investigating the extent of any additional personal or otherwise sensitive information contained in the files acquired by the unauthorized actor," the casino company said. 

However, it noted, "We have no evidence to date that any member passwords/PINs, bank account information, or payment card information (PCI) were acquired by the unauthorized actor." 

Ceasers said all "members of our loyalty program" should use credit monitoring services to defend against identity theft. 

VOA's Steve Herman revealed that Ceasers reportedly paid $15 million to the hackers. 

We noted earlier that hackers generally use crypto to collect ransom payments. There have been notable spikes in Bitcoin around the Ceasers hack, and we are currently seeing upward pressure around the ongoing MGM Resorts International hack. 

How much will MGM have to pony up? 

*   *   * 

We asked this question on Wednesday: Sin-City Cyber-Siege?

MGM Resorts International isn't the only Vegas casino dealing with cyberattacks. People familiar with the matter told Bloomberg that Caesars Entertainment Inc. is about to reveal in a regulatory filing it was the victim of a cyberattack on Aug. 27. 

The disclosure of the alleged Caesars breach comes four days after MGM Resorts International has been plagued with a cyberattack since Sunday, shutting down critical computer systems responsible for operations at more than a dozen properties.

According to the people, Caesars and MGM were hit by the same hacking group, known as Scattered Spider or UNC 3944. 

Here's more from Bloomberg: 

MGM was still working to resolve the turmoil caused by the hackers, known as Scattered Spider, four days into the cyberattack that has disrupted the company's websites, reservation system and some slot machines at its casinos across the country, according to two of the people.

Caesars was also hacked by the same group in a cyberattack a few weeks earlier, and ended up paying tens of million of dollars to the hackers, according to the people, who asked not to be identified because the information is private. The hackers first breached an outside IT vendor before gaining access to the company's network, two of the people said.

As of Thursday morning, MGM websites remain inaccessible.

Ransoms are usually paid in cryptocurrency. Around the Ceasers hack, there was an 8% spike in Bitcoin. Since the MGM cyber issue, BTC jumped 6%. 

The people said the hacking group comprises of young adults ("some as young as 19 years old") across the US and the UK. 

We would've thought by now corporate media and the Biden administration would've blamed Moscow hackers.