LAS VEGAS (KTNV) — A former Boyd Gaming employee has filed a lawsuit against the company after they disclosed a recent cybersecurity incident.
In an SEC filing from Tuesday, Boyd officials disclosed they "recently experienced a cybersecurity incident in which an unauthorized third party accessed our internal IT system."
While the company said the incident had no impact on their properties or business operations, they said the third party did access information about employees and a limited number of individuals.
"The Company is notifying impacted individuals and has or will notify its various regulators and other governmental agencies as required."
You can read the full filing below.
We reached out to Boyd Gaming following that disclosure and were told the SEC filing is the extent of the information the company is providing at this time.
On Friday, former Boyd Gaming employee Scott Levy filed a class action lawsuit against the company claiming that due to Boyd Gaming's wording in the SEC filing, it's unclear when the hackers got into the system or how long they had access to employee information.
"The Data Breach investigation revealed Boyd's cyber and data security systems were completely inadequate and allowed cybercriminals to access files containing a treasure trove of its employees' and customers' highly private information," the lawsuit reads in part. "Through its inadequate security practices, Defendant exposed Platinff's and the Class's PII for theft and sale on the dark web."
Levy says that he has also received a spike in spam and phishing texts and phone calls since the data breach and that Boyd Gaming hasn't notified him or other employees that their information has been exposed.
According to federal court records, no court hearings have been set, as of Monday morning.
You can read the full lawsuit below.
John Branden Newman, the Chief Technology Officer for MGM Resorts International, told the Nevada Gaming Commission his team offered their help to Boyd.
"It's obviously unfortunate that a lot of the players in the industry, in various industries actually, are still getting hit by these sames types of attacks," Newman said. "We did reach out and offer our support. I don't have a lot of detailed information about it."
This is just the latest in a series of cyberattacks to hit the valley over the last couple of years.
Last month, Gov. Joe Lombardo said nearly all of the State of Nevada websites are back up and running after a cyberattack led to state systems being offline for three weeks.
WATCH: Months before cyberattack, Nevada lawmakers punted security bill
A teenager was also arrested in Las Vegas last month for his involvement in the 2023 cyberattacks against MGM Resorts International and Caesars Entertainment.
Las Vegas police characterized the attacks as "sophisticated network intrusions", which are being attributed to "an organized threat-actor group known by several names to include Scattered Spider, Octo Tempest, UNC3944, and/or oktapus."
According to police, the Clark County District Attorney's Office could transfer the teen's case to the criminal division, where he could face charges as an adult.
