Sports Betting News: November 17, 2023, 02:06h.
Updated Rivers Casino Cyberattack Report November 17, 2023, 02:06h.
Rivers Casino Des Plaines, Iowa announced today that it had been the victim of a cyberattack that resulted in a data breach. This occurred during or around August 12, 2023, and was only discovered in November, the casino revealed in a statement.
Evidence shows that the data breach exposed patrons’ and employees’ private information, including names, contact details such as phone numbers and email addresses, as well as driver’s license and government ID numbers.
Additionally, hackers may have gained access to financial account, tax identification, Social Security, and passport numbers of a small portion of customers, the Rush Street Gaming property disclosed.
Security Measures
The casino assured that customer passwords and credit card information were unlikely to have been impacted by this violation of security.
This is significant since passwords hold considerable value for hackers, who often sell them to fraudsters. These stolen passwords can be used for “credential stuffing” scams, where a fraudster gains access to accounts on various platforms by using the same stolen credentials.
Rivers has not revealed the exact number of customers affected. Public records from the Illinois Gaming Board indicate that in the month before the attack, the casino had 273,000 visits and almost 300,000 bets at its sportsbook, where customers were also impacted.
According to an official statement released by the casino, “Casino Des Plaines utilizes robust security protocols. Unfortunately, we recently discovered a data security incident. Upon learning of the incident, Rivers promptly took steps to contain the threat and secure our systems, avoiding any interruption to our operations or in the services we provide to our customers.”
The casino has recruited a specialist cybersecurity firm to investigate the breach.
Recent Attacks on Casinos
The attack has been linked to a series of prominent cybercrimes targeting casinos. In September, both MGM Resorts and Caesars Entertainment underwent cyber breaches that resulted in significant disruptions, particularly for MGM, which refused to pay a ransom.
By paying around $15 million, Caesars managed to restore normal services. MGM eventually suppressed the threat after a few days of disruption, with an estimated loss of $100 million.
The FBI is currently investigating these attacks, attributing them to a hacking group known as “Scattered Spider,” “Octo Tempest,” or “the Com.”
This week, cybersecurity executives tracking the group expressed concern over the lack of arrests despite the FBI’s awareness of the individuals involved.