Jump to content
  • Caesars Entertainment Confirms Hack in Second Recent Casino Attack

    aum

    • 1 comment
    • 531 views
    • 3 minutes
     Share


    • 1 comment
    • 531 views
    • 3 minutes

    Caesars reportedly paid tens of millions in ransom after the hackers obtained driver's license numbers and Social Security numbers from a company database.

     

    If you’re a betting person, what are the odds of two casinos getting hacked in succession? Following an attack on MGM casinos, Caesars Entertainment just stated in an SEC filing that it was also the subject of a hack that occurred last month.

     

    As Bloomberg reports, citing sources close to the matter, the late-August attack left Caesars Entertainment forking over tens of millions of dollars to the hackers. The incident was described in an SEC filing published today, in which the company states that the breach occurred as the result of a “social engineering attack on an outsourced IT support vendor.” Sources told The Wall Street Journal that this social engineering attack involved a hacker posing as an employee to get the IT contractor to change a password. The hackers reportedly made off with the company’s loyalty program database, which contains a list of driver’s license numbers and Social Security numbers for a “significant number of members” within the database.

     

    “We have taken steps to ensure that the stolen data is deleted by the unauthorized actor, although we cannot guarantee this result,” the company wrote in the SEC filing. “We are monitoring the web and have not seen any evidence that the data has been further shared, published, or otherwise misused. Nonetheless, out of an abundance of caution, we are offering credit monitoring and identity theft protection services to all members of our loyalty program.”

     

    Caesars Entertainment did not immediately return Gizmodo’s request for comment. But the wording of the statement appears to indicate that the casino may have paid a ransom.

     

    The attackers are believed to be a hacking group known as Scattered Spider, or UNC 3944. Cybersecurity company Trellix says in a blog post that Scattered Spider has been active since May 2022, and its prey of choice is telecommunications companies, critical infrastructure groups, and business process outsourcing organizations—like the IT company involved with Caesars. Trellix also says that social engineering hacks are Scattered Spider’s bread and butter.

     

    The SEC filing chronicling the attack comes after Caesars competitor MGM was also hit with a crippling attack, as revealed this past Monday. The MGM hack was reportedly the result of a 10-minute social engineering phone call, in which the hackers identified an IT worker on LinkedIn and called the help desk. An employee was apparently tricked into giving the hackers access to MGM’s systems. Reuters says that Scattered Spider was behind this hit, some reports indicate that a sub-group of Scattered Spider known as ALPHV, or Blackcat, was the culprit. Trellix’s blog post says that Blackcat has previously used Scattered Spider software called POORTRY, indicating some working relationship or overlap between the two.

     

    Source


    User Feedback

    Recommended Comments

    @vegasstarfish on Twitter seems to be posting regular updates on this which has been going on all week ,there also seems to be a big risk to all patrons credit cards after many innocuous charges are being made.

     

    https://twitter.com/vegasstarfish

     

    Edited by Arachnoid
    Link to comment
    Share on other sites




    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...