A Monday deadline
Casino company Wynn Resorts is reportedly the victim of a cyberattack from a group that’s demanding a 22.34 Bitcoin ($1.5m) ransom.
As first reported by The Register, ShinyHunters claimed on Friday that it stole more than 800,000 employee records and will leak the data if it doesn’t get a response from Wynn by Monday. Wynn Resorts hasn’t publicly commented on the threat or confirmed that it suffered a breach.
has access to employees’ private information, including their Social Security numbers
The hacker group’s blog post claimed it now has access to employees’ private information, including their Social Security numbers. Wynn Resorts currently employs about 28,000 people across its operations in Nevada and Macau.
Access gained in September
In addition to threatening to leak the data, the hacker group said the Las Vegas-based company will have to deal with “several annoying problems.” Typical hacker tactics include DDoS attacks that flood websites with traffic so they go offline or become incredibly slow, and internal system disruptions or operational nuisance attacks, such as fake reservations or automated complaints.
The Register claims to have seen samples of the data, which include the full names of workers, as well as phone numbers, positions, salaries, birthdays, and email addresses.
gained access in September to Wynn’s systems through a vulnerability in Oracle PeopleSoft
A spokesperson for ShinyHunters told the technology news outlet that it gained access in September to Wynn’s systems through a vulnerability in Oracle PeopleSoft, by using the credentials of an employee. It didn’t reveal if it obtained the credentials by paying for them or through social engineering.
Links to the MGM and Caesars attacks
ShinyHunters has breached dozens of big-name companies in recent times, including Canada Goose, Bumble, and Panera Bread. A group with reported links to ShinyHunters was also involved in the hacks against MGM Resorts and Caesars International in 2023. A hacking group called Scattered Spider carried out the attacks using social engineering.
Caesars reportedly quietly paid a $15m ransom
The two companies took vastly different approaches to dealing with the ransomware attacks. Caesars reportedly quietly paid a $15m ransom to ensure there was minimal disruption to operations.
MGM, on the other hand, refused to meet the hackers’ demands, leading to nearly two weeks of disrupted operations at its Las Vegas properties. This included hotel reservation systems going offline, corporate email not working, and payment systems being disabled. MGM estimated that the issue cost about $100m.
