Last updated 1 month ago
Wynn Resorts, a major hospitality and casino operator, confirmed a data breach involving employee information after the ShinyHunters extortion gang listed the company on its data leak site. The breach resulted in unauthorized access to employee data, though specific record counts or affected system details were not quantified in the public disclosure.
The attack involved unauthorized access to Wynn Resorts' systems, leading to data exfiltration. The ShinyHunters threat actor then posted the stolen employee data on their extortion site to pressure the organization. The compromised data specifically included employee information, though the exact data fields (such as names, IDs, contact details, or internal records) were not detailed in the confirmation.
Wynn Resorts publicly confirmed the breach in response to the extortion threat and data leak site posting. The company has initiated incident response procedures, but no further details regarding containment measures, regulatory notifications, or ransom payment status were disclosed.
Data theft and extortion via data leak site posting
Article reveals ShinyHunters is demanding $1.5 million ransom not to leak the stolen data, which is a new extortion demand detail not previously recorded in the database entry.
Wynn Resorts confirmed the data breach involved employee information and is offering credit monitoring to affected staff, while security professionals question the company's reliance on the hackers' claim that they deleted the stolen data.
The breach highlights the need for hospitality companies to implement robust access controls and monitoring for employee data repositories, given their attractiveness to extortion-focused threat actors like ShinyHunters. It also underscores the importance of having an incident response plan that includes protocols for handling public extortion threats and data leak site postings to manage reputational and operational risk.
Sign in to join the discussion.
Company
Industry
Location
Disclosed
Records Affected
Attack Vector
Threat Actor
Continent
Country
Industry
Attack Vector
Threat Actor