Casino operators hit by recent cyberattacks say the incidents have not affected operations at their related sports betting sites.
Hackers recently targeted Caesars Entertainment Inc. and MGM Resorts International, causing some disruption at the brick-and-mortar properties of the latter.
MGM Resorts said Tuesday that it recently spotted a cybersecurity issue and, as part of its response, shut down certain systems. But a spokesperson for MGM, a co-owner of BetMGM with Entain PLC, told the Wall Street Journal that the online sportsbook was unaffected, although some BetMGM kiosks at physical properties were.
Caesars Entertainment said in an SEC filing today that it determined on Sept. 7 some "unauthorized actor" acquired a copy of its loyalty program database, among other data. Business is so far unaffected but the company has "taken steps" to get the data deleted and is offering… pic.twitter.com/bG7LI9HfzC— Geoff Zochodne (@GeoffZochodne) September 14, 2023
Nevada-based Caesars said in a Securities and Exchange Commission filing on Thursday that an “unauthorized actor” acquired a copy of its loyalty program database, among other data. That database includes driver’s license and social security numbers, the company noted.
However, Caesars said it had no evidence any passwords or banking information was stolen by the attackers. The company added it has "taken steps to ensure that the stolen data is deleted by the unauthorized actor, although we cannot guarantee this result."
According to Bloomberg and the Wall Street Journal, those steps included paying millions in ransom money. Caesars added that while it has yet to see any evidence its data has been shared further, the company is offering credit monitoring and identity theft protection services to all loyalty program members.
“Our customer-facing operations, including our physical properties and our online and mobile gaming applications, have not been impacted by this incident and continue without disruption,” the company said in the SEC filing.
A recurring risk
Still, the recent incidents are doubtless trouble the casino operators would like to avoid, even if they can’t be dodged entirely. They also underscore the importance of the digital side of their businesses, including when it comes to legal sports betting.
“While no company can ever eliminate the risk of a cyberattack, we believe we have taken appropriate steps, working with industry-leading third-party IT advisors, to harden our systems to protect against future incidents,” Caesars said in its filing. “These efforts are ongoing. We have also taken steps to ensure that the specific outsourced IT support vendor involved in this matter has implemented corrective measures to protect against future attacks that could pose a threat to our systems.”