LAS VEGAS (KTNV) — Hackers breached Boyd Gaming's internal I.T. systems according to a recent Securities and Exchange Commission filing posted Tuesday.
According to the filing, an "unauthorized third party" accessed and removed company data, including employee information and a "limited number of other individuals." Boyd Gaming said in the filing they are notifying impacted individuals and cooperating with government agencies.
RELATED | Police: Teen arrested in Las Vegas for involvement in 2023 MGM, Caesars cyberattacks
We reached out to Boyd Gaming for the number of impacted individuals — including if any were guests — and for information on what data was compromised. "The SEC filing is the extent of the information we are providing at this time," said Boyd Gaming VP of Corporate Communications David Strow in an email sent to Channel 13.
Below is the full disclosure from Boyd Gaming to the SEC:
"Boyd Gaming Corporation (the “Company”) recently experienced a cybersecurity incident in which an unauthorized third party accessed our internal IT system.
The cybersecurity incident has had no impact on the Company’s properties or business operations. Upon detecting the incident, the Company promptly took steps to respond to the incident with the assistance of leading external cybersecurity experts and in cooperation with federal law enforcement authorities.
The Company has determined that the unauthorized third party removed certain data from the Company’s IT systems, including information about employees and a limited number of other individuals. The Company is notifying impacted individuals and has or will notify its various regulators and other governmental agencies as required.
As of the date of this filing, the Company believes that the incident will not have a material adverse effect on the Company’s financial condition or results of operations. The Company maintains a comprehensive cybersecurity insurance policy, which we expect will cover costs associated with incident response and forensic investigations, as well as business interruptions, legal actions and regulatory fines, if any, subject to policy limits and deductibles."