Caesars Entertainment

History

2023: Hacker Payout $15M After Hack

On September 7, 2023, the American casino and hotel operator Caesars Entertainment reported a large-scale cyber attack on its computer infrastructure, as a result of which a large amount of customer information was stolen. The company paid hackers about $15 million - half of the amount that the attackers demanded for non-disclosure of the stolen information.

According to Caesars Entertainment, during the invasion, cybercriminals gained unauthorized access to the company's loyalty program database, which includes driver's license numbers and social security numbers. Some other personal information was also stolen - which one is not specified. The number of affected users is not named.

Caesars paid hackers $15 million after hacking

Hackers attacked Caesars Entertainment in late August 2023, Bloomberg reported. It is assumed that the cybercriminal group Scattered Spider (or UNC3944) is behind the organization of the attack. She is known for using social engineering to trick employees into giving access to the corporate network. The UNC3944 includes young people and adolescents. It is known that the attack was carried out through a third-party IT service provider.

The casino operator sent information about the incident to law enforcement agencies and relevant structures. The US authorities have long recommended that victims of cyber attacks and extortion not follow the lead of attackers and not pay a ransom. However, this time the management of Caesars Entertainment decided to transfer funds in order to prevent the disclosure of information about customers.

We have taken the necessary measures to ensure that the stolen information is removed by third parties, but we cannot guarantee that this will happen, the company said in a notice.[1]

Notes