Rivers Casino Philadelphia Faces Proposed Class Actions as a Result of Data Breach

Written By Corey Sharp on January 15, 2025
a system hacked warning over a digital background

Rivers Casino Philadelphia is facing the consequences of a data breach that involved sensitive customer information that was made available to an “unauthorized actor,” according to the casino. There have been a number of people affected, and some have decided to file class action lawsuits as a result.

According to one suit, there would be at least 100 impacted customers who qualify for the class action.

PlayPennsylvania obtained a letter that Rivers Casino Philadelphia allegedly sent out to those affected, attached as an exhibit in one of the complaints, William Moore v. Rush Street Gaming et al. The plaintiff is looking for at least $5 million in that suit.

What the plaintiff is claiming in the lawsuit

The unauthorized actor gained access to Rivers’ files, containing sensitive customer information including social security numbers and bank information, on Nov. 18. Rivers Casino Philadelphia alerted those affected on or around Dec. 30 by mailing out letters.

The lawsuit states that Rivers Casino Philadelphia did not reveal how the data breach occurred or which security system failed.

There are a number of injuries and damages the plaintiff claims to have suffered. The complaint says that those affected because of the breach have been exposed to risk, explaining:

“Plaintiff and the Class have been placed at a substantial risk of harm in the form of credit fraud or identity theft and have incurred and will likely incur additional damages, including spending substantial amounts of time monitoring accounts and records, in order to prevent and mitigate credit fraud, identity theft, and financial fraud.”

The lawsuit also claims that the affected individuals must spend time and money on the following activities to prevent identity theft:

  • Monitoring their accounts to identify fraudulent or suspicious charge
  • Cancelling and reissuing cards
  • Purchasing credit monitoring and identity theft prevention services
  • Attempting to withdraw funds linked to compromised, frozen account
  • Removing withdrawal and purchase limits on compromised accounts
  • Communicating with financial institutions to dispute fraudulent charges
  • Resetting automatic billing instructions and changing passwords
  • Freezing and unfreezing credit bureau account information
  • Cancelling and re-setting automatic payments as necessary
  • Paying late fees and declined payment penalties as a result of failed automatic payments

The complaint claims that the precautions have cost affected patrons “substantial amounts of time” and money out of their own pockets.

Rivers Casino Philadelphia offers complimentary credit card monitoring services

Moore’s complaint includes an example of a letter that it says was sent out to customers affected by the data breach. The letter mainly details how and when the incident took place.

Rivers Casino Philadelphia did offer free credit card monitoring services for a year to affected individuals. The casino said that enrolling into such services would not change the individual’s credit score. It provided instructions on how someone can sign up for the services.

Rivers Casino Philadelphia said that it has “implemented additional security measures to enhance the security of our network.” However, it appeared to be too late for some customers.

The lawsuit cites the Federal Trade Commission‘s (FTC) guide for cybersecurity to protect Personally Identifiable Information (PII), and lists the recommendations. The suit simply states:

Because Defendants were entrusted with consumers’ PII, they had, and have, a duty to consumers to keep their PII secure.

“Consumers, such as Plaintiff and the Class, reasonably expect that when they provide PII to companies such as Defendants, that their PII will be safeguarded.”

Data breaches have seemed to be more prevalent over the years. Caesars paid tens of millions of dollars in ransom money to fight off a cyberattack in September 2023. Luckily, Harrah’s Philadelphia was not affected. MGM Resorts, FanDuel, and DraftKings have all encountered problems with hacking or social engineering in recent years as well.

Although the Rivers Philadelphia incident has produced multiple lawsuits, they are likely to be consolidated if the courts grant them class status, due to their similarities.

Photo by Black_Kira/Shutterstock
Corey Sharp Avatar
Written by
Corey Sharp

Corey Sharp is the Lead Writer at PlayPennsylvania bringing you comprehensive coverage of sports betting and gambling in Pennsylvania. Corey is a 4-for-4 Philly sports fan and previously worked as a writer and editor for the Philadelphia Inquirer and NBC Sports Philadelphia.

View all posts by Corey Sharp
Privacy Policy
Newsletter Sign Up
Fill in the data to get the latest news from PlayPenn
You are already subscribed to our newsletter. Want to update your preferences data?
Your data was sent and sign up for PlayPenn newsletter confirmed
View Offers