Company Reports Hack of Caesars Reward Database

Posted on: September 14, 2023, 03:33h. 

Last updated on: September 14, 2023, 03:33h.

Caesars Entertainment (NASDAQ: CZR) confirms being targeted by cyber attack on Caesars Rewards database and other data troves.

Caesars Debt
Caesars Palace on the Las Vegas Strip. The operator confirmed it was the target of a cyber attack and that hackers stole data from the Caesars Rewards database. (Image: Getty Images)

In a recent Securities and Exchange Commission (SEC) filing, Caesars Entertainment (NASDAQ: CZR) announced that it fell victim to a cyber attack. The attack specifically targeted the Caesars Rewards database, along with other data that the company holds. This announcement confirms previous speculation and rumors surrounding the incident, which occurred just days before rival MGM Resorts International (NYSE: MGM) faced a similar attack. While the filing did not explicitly confirm the reported $30 million ransom paid to the hacking group known as “Scattered Spider” or UNC 3944, it did suggest that the company may incur expenses related to the breach.

According to the filing, Caesars Entertainment (NASDAQ: CZR) stated, “We have incurred, and may continue to incur, certain expenses related to this attack, including expenses to respond to, remediate and investigate this matter. The full scope of the costs and related impacts of this incident, including the extent to which these costs will be offset by our cybersecurity insurance or potential indemnification claims against third parties, has not been determined.”

Recent SEC guidelines require public companies to disclose any “material” events to investors. These events include fires at factories, storms affecting operations, and cyber attacks.

Caesars Rewards Database Breached

Caesars Entertainment’s (NASDAQ: CZR) Caesars Rewards program, with over 65 million members, is the largest loyalty program in the gaming industry. This makes it an attractive target for cyber criminals.

The regulatory filing confirmed that the hackers gained access to sensitive data, including driver’s license and Social Security numbers, of a significant number of members in the database. However, there is currently no evidence that member PINs, bank account data, or payment card numbers were acquired.

Caesars Entertainment (NASDAQ: CZR) stated in the SEC filing, “We have taken steps to ensure that the stolen data is deleted by the unauthorized actor, although we cannot guarantee this result. We are monitoring the web and have not seen any evidence that the data has been further shared, published, or otherwise misused.”

As a precautionary measure, Caesars is offering free credit monitoring services to customers. Customers can request this service by calling (888) 652-1580.

Impact of Caesars Ransomware Attack

The term “material” is subjective. If Caesars Entertainment (NASDAQ: CZR) did pay the reported $30 million ransom to “Scattered Spider,” it may seem like a small amount for a company with a market capitalization of $11.27 billion.

Caesars Entertainment (NASDAQ: CZR) did not classify the attack as catastrophic in the regulatory document. While the full impact on guest behavior and potential financial consequences remain uncertain, the company does not currently anticipate any material effect on its financial condition and results of operations.


Source link

Leave a Comment