LAS VEGAS (KTNV) — Caesars Entertainment disclosed new information about a data breach that may impact loyalty program members in an SEC filing on Thursday.
According to the filing, an "unauthorized actor" obtained a copy of the company's loyalty program database, including members' social security and driver's license numbers. However, the company says there is no evidence indicating that bank account or payment card information was acquired by the individual.
Aaron Rouse, former head of the Las Vegas FBI field office, says the hacking community is very formidable.
"I would never be dismissive of the talents of the hacktivist groups out there and the cyber hackers that are out there," Rouse told Channel 13 this week.
Caesars says it learned about the data breach last Thursday after discovering "suspicious activity" in its network. The filing describes the incident as an "attack on an outsourced IT vendor used by the company."
The company says incident response protocols were immediately activated after the discovery, and steps were taken to reinforce the network's security. Officials also launched an investigation into the attack and notified local law enforcement.
The filing also notes, "We have taken steps to ensure that the stolen data is deleted by the unauthorized actor, although we cannot guarantee this result."
A ransomware group "ALPHV," also known as "Black Cat," was identified as a potential suspect in the ongoing MGM outages by a group of malware experts known as "VX-Underground" on Wednesday. The latest update from MGM says staff is continuing to "work diligently to resolve the cybersecurity issue while addressing individual guest needs promptly."
— MGM Resorts (@MGMResortsIntl) September 14, 2023
According to Bloomberg.com, the same group was behind a recent cyber attack against Caesars Entertainment.
Caesars' SEC filing did not confirm Bloomberg's reporting that the company paid "millions" to the group to return the stolen data. However, the company did allude to "certain expenses related to this attack" that they incurred, "including expenses to respond to, remediate and investigate this matter."
The company is offering a credit monitoring and identity theft protection service to all members of our loyalty program in the meantime. Additionally, the company said it will continue to update those impacted by the data breach as the investigation continues.
An incident response line has also been created for those with questions about the incidents. All questions can be directed to (888) 652-1580 from 6 a.m. to 6 p.m. PT, Monday through Friday.
