Malware
Breaking News: Caesars Entertainment Admits Ransom Payment & Massive Customer Data Breach
Caesars Entertainment admits to paying a ransom after falling victim to a data breach that exposed customers’ personal information. Despite their efforts to protect user data, cybercriminals managed to steal sensitive details. The company assures customers that steps are being taken to prevent future attacks. Learn more about Caesars’ response to this incident and their commitment to safeguarding customer data.
Caesars Entertainment Pays Ransom to Prevent Data Leak after Cyberattack
In an unfortunate turn of events, Caesars Entertainment, the largest U.S. casino chain with an extensive loyalty program, has revealed that it paid a ransom to avoid the online leak of customer data stolen in a recent cyberattack.
On September 7th, Caesars discovered that the attackers had successfully stolen its loyalty program database, which contains crucial information such as driver’s license numbers and social security numbers of numerous customers.
An 8-K form filed by Caesars with the U.S. Securities and Exchange Commission on Thursday states, “We are still investigating the extent of any additional personal or otherwise sensitive information contained in the files acquired by the unauthorized actor.”
The company further reassured customers by stating, “We have no evidence to date that any member passwords/PINs, bank account information, or payment card information (PCI) were acquired by the unauthorized actor.”
According to a report by the Wall Street Journal, Caesars’ 8-K filing suggests that the company paid a ransom to the attackers to prevent the leak of the stolen data online. It is estimated that Caesars paid approximately $15 million, which was half of the initial $30 million demand made by the attackers.
However, despite the payment, Caesars acknowledges that it cannot guarantee the actions of the threat actors responsible for the incident. There is still a possibility that they may sell or leak the stolen customer information.
“We have taken steps to ensure that the stolen data is deleted by the unauthorized actor, although we cannot guarantee this result,” Caesars stated. The company also mentioned that they are actively monitoring the web and have not found any evidence of further sharing, publishing, or misuse of the data.
How Did Luxottica Handle the Massive Data Breach and Compromised User Accounts?
Luxottica, the renowned eyewear company, faced a staggering challenge when it encountered the luxottica data breach: 70m accounts compromised. With utmost diligence, Luxottica took swift action by implementing robust security measures to rectify the situation promptly. By prioritizing user safety, they ensured affected customers were promptly notified and provided with necessary support. Demonstrating their commitment to protecting data privacy, Luxottica efficiently handled this massive breach, safeguarding user accounts.
Data Breach Only Affects Loyalty Program Members
Caesars has clarified that the data breach only impacts customers enrolled in its loyalty program. The company will notify all affected individuals in the coming weeks.
In a separate data breach notification, Caesars revealed that they have reported the incident to law enforcement and are cooperating fully with the investigation.
Furthermore, the cyberattack has not disrupted Caesars’ customer-facing operations, including online/mobile gaming apps and physical properties.
It is worth noting that this is the second casino chain to be targeted by a cyberattack recently. MGM Resorts International also suffered a cyberattack, which resulted in the temporary shutdown of its IT systems, affecting websites, reservation systems, and casino services such as ATMs, slot machines, and credit card machines.
MGM Resorts previously disclosed a cyberattack in 2019 that led to the breach of its cloud services and the theft of over 10 million customer records.