Caesars Data Breach Saw Hackers Steal Over 41,000 People’s Data

Think the house always wins? Casino giant Caesars would beg to differ, after admitting the scale of its recent data breach.

Casino giant Caesars has admitted that more than 41,000 of its patrons had their personal information stolen in a major September data breach that pre-dated that month's blockbuster MGM hack.

While the total number of victims is still be counted, Caesars has now said that 41,397 folks from the state of Maine had their details pilfered by the cybercrime gang responsible for the ransomware attack. A group called Scattered Spider has been judged responsible for the breach.

Shedding further light on the incident, the chain says that its loyalty scheme specifically was hacked and that the pilfered personal data includes the names, driver's license and ID card details of customers from The Pine Tree State. However, it insists that financial and payment details were not accessed in the attack, even though it is now offering those affected two-year's worth of cybersecurity and identity fraud insurance on the house

Caesars Still Counting Total Number of Hack Victims

Caesars made the admission in a recent filing with the Maine Attorney General's office, where it says that the final number of hack victims is still to be determined.

However, in good news for anyone who visited Caesars from Maine last month, Caesars adds in an attached PDF sample letter sent out to affected residents that it had “taken steps to ensure that the stolen data is deleted by the unauthorized actor, although we cannot guarantee this result.”

Surfshark logo🔎 Want to browse the web privately? 🌎 Or appear as if you're in another country?
Get a huge 86% off Surfshark with this special tech.co offer.See deal button

This could be translated as Caesars quietly copping to paying out the ransom demand of the cybercrime gang behind the attack. According to CNBC, the casino chain negotiated the figure down to $15 million from an initial price of $30 million.

Caesars Allegedly Paid Demand Days Before MGM Breach

What's interesting here is the timeframe Caesars allegedly paid out the ransom demand. It was apparently only a matter of days after the chain apparently paid up that the same ransomware gang, Scattered Spider (also known as UNC3944 or Roasted 0ktapus), hacked MGM in another major breach of Vegas heavyweights.

This highlight something that virtually all ransomware statistics confirm: companies should never pay ransom demands to cybercriminals, as it only encourages them to execute further attacks on similar targets.

Explaining exactly what happened in the breach, Caesars notes that it was the “victim of a social engineering attack on an outsourced IT support vendor that resulted in unauthorized access (on August 18, 2023) to Caesars' network and the exfiltration of data (beginning on or about August 23, 2023).”

Scattered Spider Ransomware Hits “Hundreds” of Companies

The casino chain adds in its letter to affected Mainers that it is providing them with two years of identity theft protection through a third-party provider, IDX. The policy includes “credit and dark web monitoring to detect any misuse of your information” as well as coverage of up to $1 million should anyone fall victim to identity theft.

While Caesars and MGM are two high-profile victims claimed recently by Scattered Spider, the actual number of organizations affected by its latest ransomware campaign could number in the hundreds.

That's according to Google-owned security firm Mandiant, the group has recently diversified its criminal endeavors to include ransomware attacks on a “wide range of industries including hospitality, retail, media and entertainment, and financial services.” No other major companies have so far been named, but the lesson from the Vegas strip seems to be clear: the house doesn't win when it pays out ransomware demands.
Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at contact@tech.co

Written by:
James Laird is a technology journalist with 10+ years experience working on some of the world's biggest websites. These include TechRadar, Trusted Reviews, Lifehacker, Gizmodo and The Sun, as well as industry-specific titles such as ITProPortal. His particular areas of interest and expertise are cyber security, VPNs and general hardware.
Explore More See all news
Back to top
close Thinking about your online privacy? NordVPN is Tech.co's top-rated VPN service See Deals