Caesars Entertainment Reaches Out to Rewards Members About Cyberattack
Posted on: October 9, 2023, 09:26h.
Last updated on: October 9, 2023, 12:27h.
Caesars Entertainment on Friday emailed many Caesars Rewards members about the cyberattack levied against the casino company in September. That resulted in the firm paying out a hefty bounty to keep its operating systems intact.
Caesars last month confirmed through a securities filing that it paid a ransom to a criminal cybergang. Though the Caesars Palace operator did not specify the amount, reports later surfaced that the bounty was in the neighborhood of $30 million. The recipient was also not detailed, though it is presumed to be an online entity called “Scattered Spider,” or UNC 3944.
Company officials said the ransom payment kept its operating systems intact and was in exchange for the hackers guaranteeing that the compromised data would not be sold or shared on the dark web. However, Caesars’ reps conceded there’s no absolute way to ensure the stolen files and documents won’t be wrongfully distributed.
The Caesars cyberattack largely targeted the Caesars Rewards database, which has over 65 million members. The loyalty program stems from the company’s Las Vegas operations to regional properties across the U.S. to Caesars’ online sportsbook and iGaming platforms.
Complimentary Credit Monitoring
Caesars’ September filing with the U.S. Securities and Exchange Commission (SEC) notified consumers and financial regulators that the cyber attackers successfully seized sensitive information on Caesars Rewards members. The stolen data included driver’s licenses and Social Security numbers “for a significant number of members in the database.”
Last week, Caesars Entertainment contacted possibly affected Rewards members through an email titled, “Incident Notice for Caesars Rewards Members.” The notice told the participants of the September data breach. It offered two years of complimentary identity theft protection services and credit monitoring through IDX, an Oregon-based firm that assists companies in responding to data breaches.
Each “Incident Notice” includes an enrollment code that Caesars Rewards members can use to register for the identity theft monitoring service on the IDX website listed here.
Caesars Rewards members who enroll in the IDX monitoring will be immediately alerted to any changes to their credit report. IDX’s “CyberScan” continuously monitors criminal websites, chat rooms, and online bulletin boards for illegally selling or trading enrollees’ personal information.
Caesars Vendor Compromised
Caesars Entertainment on Friday also confirmed that the cyberattack included one of its vendors that helps the casino manage its loyalty program. The impacted third party wasn’t named, but Caesars did say it was an attack “on an IT support vendor.”
The IT firm possesses sensitive data on Caesars Rewards members, including their names, Social Security numbers, and dates of birth. But the Caesars filing said at this time, there’s no knowledge that any information seized in the attack has been distributed.
While Caesars opted to pay the cybercriminals a ransom, a similar attack against MGM Resorts — also said to be from Scattered Spider — saw the Bellagio operator refuse to pay. MGM reps said in an SEC filing last week that the attack is expected to cost the company more than $110 million in earnings in the third quarter before interest, taxes, depreciation, and amortization.
Related News Articles
MGM, Caesars Hackers Claim They Stole Six Terabytes of Data
MGM Resorts Cyberattack Latest: Company Says Casinos and Hotels Remain Operational
MGM Resorts CEO Bill Hornbuckle Thanks Guests for Patience During Cyberattack
MGM Cyberattack Likely Costing Casino Company Millions of Dollars a Day
Most Popular
FTC: Casino Resort Fees Must Be Included in Upfront Hotel Rates
Genovese Capo Sentenced for Illegal Gambling on Long Island
NBA Referees Expose Sports Betting Abuse Following Steve Kerr Meltdown
UPDATE: Former Resorts World & MGM Grand Prez Loses Gaming License
Most Commented
-
UPDATE: Whiskey Pete’s Casino Near Las Vegas Closes
December 20, 2024 — 32 Comments— -
Caesars Virginia in Danville Now Accepting Hotel Room Reservations
November 27, 2024 — 9 Comments— -
UPDATE: Former Resorts World & MGM Grand Prez Loses Gaming License
December 19, 2024 — 8 Comments— -
FTC: Casino Resort Fees Must Be Included in Upfront Hotel Rates
December 17, 2024 — 7 Comments—
Last Comments ( 2 )
I have their personal information. Already got two death threats from them.
If the corrupt FBI weren't so involved in harassing parents at school board meetings, Catholics, and Biden and the democraps political opponents then maybe they would have more time to actually go after cyber criminals instead of being part of the crime!!