The Las Vegas-based Boyd Gaming Corporation has disclosed that it fell victim to a cyberattack, which led to unauthorized access to its internal IT infrastructure and the compromise of sensitive information, including data related to employees. This information was provided in a Form 8-K submitted to the U.S. Securities and Exchange Commission on Tuesday.

The filing states that the company “recently encountered a cybersecurity event involving unauthorized access to our internal IT system.” Boyd emphasized that the incident “has not affected the company’s properties or business activities.”

Even though operations remained uninterrupted, the company confirmed that the attackers did extract data from its systems, including details about employees and “a small number of others.” Boyd Gaming is now in the process of notifying those affected and is committed to informing regulators and appropriate government authorities as mandated.

Federal law enforcement and cybersecurity specialists are currently investigating the breach and will assist in response procedures.

Boyd Gaming has a cyber insurance policy that should cover expenses associated with the breach. This encompasses costs for forensic investigations, legal claims, regulatory penalties, and overall response efforts. The corporation does not anticipate a significant negative impact on its financial health or business operations due to this breach.

Boyd manages 28 gaming properties in ten U.S. states, including 11 in the Las Vegas area and three in downtown Las Vegas. The organization employs more than 16,000 staff and reported revenues of $3.9 billion for the year 2024.

This cyber incident involving Boyd Gaming emerges against a backdrop of increasing cyberattacks on Las Vegas casinos and government entities. Just last week, local law enforcement arrested a teenager connected to a “sophisticated cyber crime” linked to attacks on various Las Vegas casino operators in 2023. While specific firms were not disclosed, both MGM Resorts International and Caesars Entertainment were reportedly among those targeted.

Additionally, on August 24, Nevada state authorities confirmed that a ransomware attack severely disrupted multiple state government operations, affecting the Department of Motor Vehicles and social services.

Currently, no entity or individual has claimed accountability for Boyd Gaming’s attack. The company has refrained from engaging with media inquiries concerning the breach. Boyd Gaming continues to investigate and respond while enhancing its cybersecurity defenses to mitigate the risk of future breaches.