Wynn Resorts Data Breach Confirmation
Wynn Resorts has acknowledged that a data breach involving its computer system occurred, but it has not confirmed whether a ransom of $1.5 million was paid to the hackers and data extortionists known as ShinyHunters.
Statement from Wynn Resorts
Wynn spokesman Michael Weaver stated, “We have learned that an unauthorized third party acquired certain employee data. Upon discovery, we immediately activated our incident response protocols and launched a thorough investigation with the help of external cybersecurity experts.”
Weaver further mentioned, “The party has stated that the stolen data has been deleted. We are monitoring and to date have not seen any evidence that the data has been published or otherwise misused.”
The statement also assured that “Our guests can continue to expect the customer experience for which Wynn Resorts is known.” While the investigation remains ongoing, the company has decided to offer complimentary credit monitoring and identity protection to all employees. “The security and confidentiality of our employees, as well as our guest data, is our top priority. While no company can ever eliminate the risk of a cyberattack, we are taking appropriate steps and working with industry-leading third-party IT advisers to strengthen our systems to protect against future incidents.”
Details on the Data Extortion
The group responsible for the attack is identified as ShinyHunters. They allegedly demanded the ransom to prevent the release of approximately 800,000 files stolen from Wynn Resorts, which reportedly include sensitive data such as:
- Full names
- Emails
- Phone numbers
- Positions
- Social Security numbers
- Salaries
- Start dates
- Birthdays
