Caesars confirms rumoured cyberattack
In a filing with the Securities and Exchange Commission today (14 September), the operator said it deployed response protocols and launched an investigation after identifying “suspicious activity” in its wider network. It said the activity resulted from a social engineering attack on outsourced IT support.
Following an investigation, it was revealed that the attackers had obtained customer data, including a copy of Caesars’ loyalty programme database. This database detailed the driver’s licence numbers and social security numbers of various loyalty programme members.
Caesars added that its customer-facing facets, such as Caesars Entertainment locations and mobile gaming apps, were unaffected by the attack.
Ongoing situation
Caesars said it has “taken steps to ensure that the stolen data is deleted by the unauthorised actor in the aftermath of the attack”, although it admitted “we cannot guarantee this result”. It added that there was no evidence of passwords, PINs or bank account information being stolen.
Caesars did not confirm or deny whether it paid a ransom. However, unnamed sources reported in the media that Caesars paid tens of millions of dollars in ransom to the cyberattackers.
This is not the first hacking incident to be reported this week. MGM Resorts was forced to shut down its systems after identifying a cybersecurity issue on Monday, with posts on social media indicating issues with slots machines and hotel room access on MGM Resorts properties.
On 12 September, MGM resorts confirmed on X – formerly Twitter – that its resorts facilities were still in operation, adding that its guests can still access hotel rooms. Earlier today, it revealed that work is still ongoing to resolve the cybersecurity issue.
Moving forward
In its filing, Caesars emphasised that it had improved its systems to ward off any repeat incidents.
“While no company can ever eliminate the risk of a cyberattack, we believe we have taken appropriate steps, working with industry-leading third-party IT advisors, to harden our systems to protect against future incidents,” said Caesars. “These efforts are ongoing.
“We have also taken steps to ensure that the specific outsourced IT support vendor involved in this matter has implemented corrective measures to protect against future attacks that could pose a threat to our systems.”
The operator added that it had incurred expenses related to the attack, but said it did not expect this to have an effect on its future results.