Casino giant Caesars sends breach notifications to thousands The Register

pThis article is more than 1 year oldppAs more details emerge from Septembers Las Vegas casino cyberattacks Caesars Entertainment the owner of Caesars Palace has disclosed more than 41000 Maine residents alone had their info stolen by a ransomware gangppIn a Friday filing with the the US states Attorney Generals office Caesars disclosed extortionists siphoned 41397 Mainers data and listed the total number of victims TBDppThe hotel restaurant and casino chain described the theft as followsppCaesars was the victim of a social engineering attack on an outsourced IT support vendor that resulted in unauthorized access on August 18 2023 to Caesars network and the exfiltration of data beginning on or about August 23 2023 which Caesars subsequently confirmed on September 7 2023 included the personal information of state residentsppThe hotel chains loyalty program was pillaged and Caesars noted that the stolen personal data included names and drivers license numbers andor identification card numbers According to the filing the crooks didnt access customers financial information nor payment detailsppIn an attached security breach notification letter PDF Caesars told customers that the entertainment conglomerate has taken steps to ensure that the stolen data is deleted by the unauthorized actor although we cannot guarantee this resultppThese steps wed assume including paying the ransom demand which was reportedly negotiated at 15 million after an initial demand for 30 millionppTo ease any concern you may have we are offering you complimentary identity theft protection services for two years through IDX a data breach and recovery services expert the notification letter continued ppThis identity protection service includes two years of credit and dark web monitoring to help detect any misuse of your information as well as a 1000000 insurance reimbursement policy and fully managed identity restoration in the event that you fall victim to identity theftppThe casino giant first confirmed the data theft in an SEC filing in September but has yet to comment on the reported ransom paid to the ransomware crew ppCaesars has not responded to multiple inquiries from The Register These include questions about the ransom demanded and whether it was paid and how many thousands of customers were caught in the ransomware crews web The bizs 8K SEC form claimed a significant number of loyalty members were feared stolen We will update this story if and when we hear back ppNews of that ransomware infection broke as another huge casino and hotel chain MGM Resorts was forced to shut down IT systems and slot machines after the same cybercrime crew known as Scattered Spider broke into its network and stole customers datappScattered Spider is reportedly an affiliate of ALPHV also known as BlackCat a ransomwareasaservice RaaS operation that rents its malware to other criminalsppLast week in its 8K SEC filing MGM said it expects the security breach will cost the company at least 100 millionppWhile Caesars reportedly paid to make the pain stop MGM did not Its CEO Bill Hornbuckle told Bloomberg his reasons for not caving to the crooks extortion were not driven by nobilityppThe data thieves had already been in the hotel giants IT environment for several days before sending a ransom note for a sum Hornbuckle declined to reveal By that point the gambling biz had started rebuilding its systems from backups and didnt see any reason to respond to the criminalsppId love to tell you there was this you know a jump on a white horse moment and devil be damned were not paying these bastards Hornbuckle said The reality is because we caught this so early and we were on themppThe Register has also asked MGM repeatedly for comment about the intrusion and is yet to receive a response ppAnd while we know of these two casino and resort giants who fell victim to Scattered Spider there are likely more victims that have yet to disclose data lossesppIn August Okta revealed that multiple USbased customers reported social engineering attacks that targeted their IT service desks in attempts to steal user account info for those accounts with administrator permissions ppAt the time Oktas chief security officer David Bradbury told The Register that Scattered Spider was behind these attacks ppWhile we know that two of these Okta customers were Caesars and MGM the same crew reportedly also broke into the systems of three other big businesses These included a manufacturing retail and technology firm  but these other targets have yet to be named ppSend us newsppThe Register Biting the hand that feeds ITpp
Copyright All rights reserved 19982025

p