Hackers Stole Loyalty Program Database Containing Sensitive Information
In a shocking revelation, hotel and casino giant Caesars Entertainment has confirmed that hackers stole a massive trove of customer data in a recent cyberattack. The company revealed the breach in an 8-K notice filed with federal regulators on Thursday.
According to the filing, the hackers gained access to the company’s loyalty program database, which contains sensitive information such as driver license numbers and Social Security numbers for a "significant number" of members. Caesars did not specify how many individuals are affected by the incident.
Caesars Paid Ransom in Wake of Cyberattack
While Caesars has confirmed that hackers stole other data during the cyberattack, it declined to disclose specifics. However, sources close to the matter have revealed that the company paid approximately half of the $30 million ransom demanded by the hackers to prevent the disclosure of stolen data.
Caesars spokesperson Robert Jarrett did not respond to a request for comment on the incident. In a separate statement, Caesars confirmed that the cyberattack was caused by social engineering on an outside IT vendor, which the company declined to name.
Background on Scattered Spider Hacking Group
The hacking group thought to be responsible for the Caesars breach is known as Scattered Spider (or UNC3944). This transatlantic hacking group is notorious for using social engineering tactics to trick employees into granting access to large corporate networks. Members of the group reportedly include young adults and teenagers, similar to other hacking and extortion groups like Lapsus$.
A representative from the Scattered Spider group told TechCrunch that they carried out the cyberattack on MGM but denied involvement with Caesars. This assertion contradicts previous reports suggesting that the same hackers targeted both hotel and casino giants in recent weeks.
MGM Resorts Hacked, Outage Continues
Caesars is not the only major hotel and casino giant to fall victim to a high-profile data breach. MGM Resorts reported a "cybersecurity issue" on Monday, which has persisted for four days with no signs of technical recovery.
MGM has declined to comment on the incident, despite multiple requests by email and phone. It remains unclear whether MGM’s corporate phone lines are currently operational.
FBI Investigates, Warns Against Ransom Payments
The FBI is investigating the Caesars breach but declined to comment further. The agency has long advised victims of cyberattacks and extortion not to pay ransoms, as this can often incentivize further hacking attempts.
Caesars reported the incident to law enforcement authorities and emphasized that it cannot guarantee the deletion of stolen data by the unauthorized actor. This suggests that the company paid a ransom to the hackers, which is contrary to U.S. government advice.
Timeline of Events
- August 2023: Hackers from Scattered Spider (or UNC3944) first targeted Caesars Entertainment.
- Monday: MGM Resorts reported a "cybersecurity issue," which has continued into its fourth day with no signs of technical recovery.
- Thursday: Caesars Entertainment filed an 8-K notice with federal regulators confirming the data breach.
What’s Next?
As the investigation continues, it remains to be seen whether other hotel and casino giants will fall victim to similar cyberattacks. The incident serves as a stark reminder of the importance of robust cybersecurity measures in today’s digital landscape.
Stay tuned for further updates on this developing story.
Caesars Entertainment Confirms Massive Data Breach Following Cyberattack
- Hackers Stole Loyalty Program Database Containing Sensitive Information
- Caesars Paid Ransom in Wake of Cyberattack
- Background on Scattered Spider Hacking Group
- MGM Resorts Hacked, Outage Continues
- FBI Investigates, Warns Against Ransom Payments
Timeline of Events
- August 2023: Hackers from Scattered Spider (or UNC3944) first targeted Caesars Entertainment.
- Monday: MGM Resorts reported a "cybersecurity issue," which has continued into its fourth day with no signs of technical recovery.
- Thursday: Caesars Entertainment filed an 8-K notice with federal regulators confirming the data breach.
