Caesars reportedly paid tens of millions of dollars in ransom money to fight off a cyberattack. However, reports are indicating that Caesars Rewards members’ driver’s license and Social Security numbers have been stolen.
Caesars operates a retail Pennsylvania casino, Harrah’s Philadelphia. However, Caesars said its casinos and its online betting operations have been unaffected by the hack.
With sensitive information online, security has been of the utmost importance in the gaming industry in recent years. Another popular operator incurred a cyberattack not too long ago, as well.
Hackers acquire Caesars customers’ personal information
In addition to its retail casino in Pennsylvania, Caesars operates two of the best PA online casino platforms, Caesars Palace Casino PA and Tropicana Casino.
Although the online casinos appear to be unaffected, Caesars is out tens of millions of dollars, according to Bloomberg, and its customers’ personal information has been stolen.
The attack happened in late August, according to a Securities and Exchange (SEC) filing Caesars made. In the report, Caesars provided details to an investigation conducted last week. It read:
“As a result of our investigation, on September 7, 2023, we determined that the unauthorized actor acquired a copy of, among other data, our loyalty program database, which includes driver’s license numbers and/or social security numbers for a significant number of members in the database.”
The filing said that the investigation is still ongoing to figure out the extent of the attack. However, Caesars noted that it had no evidence of information such as passwords, bank account and credit card numbers being stolen.
Though Caesars said the company has built up costs due to the act, no details of a specific dollar amount have been announced. Caesars said:
“We have incurred, and may continue to incur, certain expenses related to this attack, including expenses to respond to, remediate and investigate this matter. The full scope of the costs and related impacts of this incident, including the extent to which these costs will be offset by our cybersecurity insurance or potential indemnification claims against third parties, has not been determined.”
Others cyberattacks on Pennsylvania casino operators
MGM Resorts was the victim of another cyberattack. Though MGM Resort’s online platform, BetMGM PA Casino, appears safe, its retail casinos across the country have been affected. The company released a statement earlier this week:
“MGM Resorts recently identified a cybersecurity issue affecting some of the company’s systems. Promptly after detecting the issues, we quickly began an investigation with assistance from leading external cybersecurity experts. We also notified law enforcement and took prompt action to protect our systems and data, including shutting down certain systems.
“Our investigation is ongoing, and we are working diligently to determine the nature and scope of the matter.”
According to CNBC, MGM Resorts’ corporate email, restaurant reservation and hotel booking systems remain offline. Digital room keys for hotels are not operational, either.
This isn’t the first time operators have been victims of cyberattacks. FanDuel and DraftKings each had their online sportsbooks hacked in December 2022. BetMGM was the victim of another attack, too, in December. It appeared to have come out of that situation unscathed.
Caesars has put itself in a financial hole after paying a ransom. However, it could actually get worse after determining the severity of the attacks for Caesars customers.