Caesars Allegedly Compensated Hackers for Ransomware Extortion

Published: September 13, 2023, 05:06h. 

Last updated: September 13, 2023, 05:06h.

Reports of cyber attacks on Las Vegas Strip casino operators are escalating. Two days after MGM Resorts International confirmed a widespread cyber attack, Caesars Entertainment is reportedly preparing to disclose its own ransomware incident. This news could have significant implications for sports bettors.

Caesars F1
Caesars Palace Las Vegas. The operator reportedly paid a ransomware demand and rival MGM could do the same. (Image: CNN)

According to undisclosed sources, the hacking group known as Scatter Spider, or UNC 3944, was successful in extorting an undisclosed sum from Caesars through a recent ransomware attack. Speculation suggests that the cyber thieves may have obtained $30 million or more from the prominent gaming company.

Under new guidelines from the Securities and Exchange Commission (SEC), publicly traded companies are required to disclose “material” events, including cyber ransoms, to investors. Caesars is expected to file the necessary documentation, known as an Item 1.05 Form 8-K, in the near future. The most recent SEC filing by Caesars was dated August 25. attempted to contact Caesars for comment but received no response before publication of this article.

Ransomware Attacks on the Rise

While MGM has not confirmed being targeted by a ransomware attack, cybersecurity experts believe that the recent cyber breach experienced by the company displays characteristics consistent with such an infiltration.

It is believed that Scatter Spider is not responsible for the MGM hack. Media reports indicate that the breach occurred when the perpetrator posed as a current MGM employee and leveraged this false identity to gain access to technology credentials from the company’s IT department.

In contrast, Scatter Spider is said to have carried out its attack on Caesars through a third-party vendor. By breaching the vendor’s systems, the hacking group gained entry to the Caesars network. The incident is suspected to have started on August 27, according to Bloomberg.

Both MGM and Caesars are major players on the Las Vegas Strip, and they also own numerous regional casinos across the United States.

Impact on Potential Investors

Caesars has not released official details regarding the financial impact of the cyber attack it suffered, and MGM has not confirmed the existence of a ransomware situation. However, these incidents could negatively affect investors in both companies.

In a note to clients, Moody’s Investors Service labeled the MGM breach a “credit negative” event. While Moody’s did not downgrade MGM’s rating, the research firm acknowledged the risks associated with the company’s heavy reliance on technology and the operational disruptions caused by system shutdowns or malfunctions. Moody’s did not comment on Caesars. The agency currently assigns a “B1” grade to MGM’s debt.

“Additional risks to MGM include potential revenue losses during system downtime, reputational damage, and costs associated with investigation and remediation,” Moody’s added. “There is also a potential risk of litigation expenses or liability for any compromised data.”

Source link

Leave a Comment