Caesars Entertainment Inc. has reportedly paid a substantial sum to hackers who infiltrated the company’s systems and threatened to release sensitive data.
This breach follows closely on the heels of another cyberattack on MGM Resorts International.
Caesars Entertainment has not officially commented on the situation, but after Bloomberg News initially reported the cyberattack, the company disclosed it in a regulatory filing.
This revelation had a minimal impact on the company’s stock, with shares remaining relatively unchanged.
The hacking group responsible for this attack is allegedly known as Scattered Spider or UNC 3944.
They are recognized for their expertise in social engineering tactics to gain access to corporate networks.
Attend the Live DDoS Website & API Attack Simulation webinar to gain knowledge on various types of attacks and how to prevent them.
In Caesars’ case, the hackers first breached an external IT vendor before infiltrating the company’s network.
The timeline of the attack indicates that Caesars was targeted as early as August 27. Notably, members of this hacking group are believed to be relatively young, with some individuals as young as 19 years old, residing in the US and the UK.
The attackers managed to steal sensitive data from Caesars’ loyalty program members, including driver’s licenses and social security numbers, as confirmed by the company in their regulatory filing.
Typically, hacking groups demand cryptocurrency as ransom in exchange for stolen data.
Some employ ransomware tactics to lock up computer files, offering decryption keys only upon payment.
In recent cases, hackers have chosen to steal data and demand payment, threatening to publish the information if their demands are unmet.
Caesars has stated that they’ve taken measures to ensure unauthorized actors delete the stolen data, though they cannot guarantee this outcome.
Keep informed about the latest Cyber Security News by following us on Google News, Linkedin, Twitter, and Facebook.