Boyd Gaming Stays Quiet on Ransom Issue After Cyber Break-In

Boyd Gaming Corp., one of Nevada’s oldest casino companies, faces questions after revealing that hackers broke into its internal tech systems and got hold of sensitive data. The Las Vegas-based business confirmed the break-in in a report to the Securities and Exchange Commission (SEC) earlier this week, but would not say if the attackers asked for or got money.

Boyd Notifies Staff After Cyber Intrusion but Downplays Business Risk

Based on the filing, Boyd took swift action when it spotted suspicious activity. The company brought in outside cybersecurity experts and worked with federal law enforcement. Boyd stated that its casino floors and hotel operations kept running without interruption.

The company does not think the attack will lead to major financial losses. Boyd’s leaders pointed out that the company has broad cybersecurity insurance. This policy is set up to cover the costs of investigating, business disruptions, legal claims, and potential regulatory penalties.

The company admitted that thieves stole employee records and some personal information. However, it has not shared how much was taken. Boyd is letting affected people and regulators know, as federal and state laws require. Since it has over 16,000 employees at 28 casinos across the country, including 11 in the Las Vegas area, this breach could affect a big chunk of its staff.

Boyd Silent on Hacker Talks as Nevada Faces Surge in Cyberattacks

Boyd’s refusal to say if it talked with the attackers shows a problem other big casinos face, too. In 2023, people said Caesars Entertainment paid millions to get back into its systems, while MGM Resorts International did not pay, which caused its hotels and casinos to shut down for days. MGM later said this cost them about $100 million.

Unlike MGM, Boyd has not said how the criminals got in, reported The Las Vegas Review-Journal. For MGM, investigators said hackers tricked workers into giving away their login information. Experts in cybersecurity call this “social engineering.” People who study the industry say these tricks are still a big weak spot for casinos, which have lots of financial information, business secrets, and personal data.

The leak adds to a string of major digital break-ins that have rocked Nevada in the last couple of years. Just weeks ago, the state government confirmed that a ransomware attack had disrupted services at agencies like the Department of Motor Vehicles. Police also nabbed a teen for his alleged role in cyberattacks on Las Vegas casinos in 2023.