Dotty’s Reveals Details about Data Breach Incident

Owned by Nevada Restaurant Services and Craig Estey, Dotty’s reportedly was affected by a malware cyberattack. Dotty’s operates some 120 gaming venues in Nevada and has approximately 300,000 players in its database. The operator acknowledged that some users’ data, such as names or dates of birth, may have leaked earlier this year.

Dotty’s Acknowledges a Data Breach

Dotty’s, a company that runs some 120 gaming venues in Nevada, has reportedly suffered a data breach. Owned by Craig Estey and his Nevada Restaurant Services (NRS) company, it seems that Dotty’s was the victim of a cyberattack related to malware earlier this year. Dotty’s data breach was first unveiled last week by Vital Vegas, a website run by Scott Roeben. Roeben himself revealed that he was “tipped” about the breach by one of his Twitter followers named Zach D.

Although the issue was identified in January 2021, it seems that affected users are just now receiving notice that some of their details may have leaked. Furthermore, a Notice of Data letter under NRS dated July 1, 2021, acknowledges that some private information belonging to Dotty’s customers may have been affected by the incident.

Such information may include driver’s license numbers, names, or dates of birth. Currently, Dotty’s database holds the personal info of some 300,000 players. With that in mind, NRS did not reveal how many users were affected by the discovered data breach.

Breach Investigation Details

NRS explained the data breach incident in a letter, saying that in January this year, it found that malware software was present at some computer systems within its environment. Consequently, the company began an investigation, aiming to determine the nature of the incident, as well as to secure its network.

“In January 2021, NRS identified the presence of malware on certain computer systems in our environment,”

explained Nevada Restaurant Services

The company said that the investigation determined that “an unauthorized person accessed certain systems” within the NRS network. Furthermore, the company acknowledged that that unauthorized person had copied certain information from those systems on or before January 16 this year. After further review and analysis, the NRS found that some users’ data may have been affected. Users have confirmed to Vital Vegas that they received a letter from Dotty’s about the breach, but indicate that they were only recently informed – months after the apparent attack.

NRS Tops up Security Measures

Considering the discovered data breach, NRS assured that security measures already in place are focused on protecting the clients’ data. Furthermore, the company revealed that it has taken extra technical methods to safeguard its digital environment. The NRS encouraged its customers to “remain vigilant” against identity thefts and frauds by regularly reviewing their account statements. Furthermore, the company offered complimentary access to its “credit monitoring and identity theft restoration services, through IDX.”

“We have security measures in place to protect the information in our care, and we have worked to add further technical safeguards to our environment.”

Nevada Restaurant Services

This, according to NRS, will provide an extra layer of security for the users that want to take advantage of it. With that in mind, the NRS explained that users that want to participate must enroll themselves, as the company cannot launch that option for them. Last but not least, the NRS apologized for any inconvenience or concerns which the data breach incident may cause.

4 Comments

  • Nina
    July 16, 2021 at 7:22 pm

    So we are now being notified 7 months after the fact. Yet only get 1 year of a complementary monitoring BUT if your identity is used you get 7 years free.
    What ever was leaked name date of birth and address is enough to do damage if used now or later. Companies that have this kind of private information on us need to upgrade their computer programs on a regular basis. Why are they not doing this? What they don’t think its going to happen to their company. Give me a break. Now everything is online nothing and no one is safe. Guess who gets to clean up the mess the people who’s information was leaked including mine. Do you know how long and hard this process is, and sometimes indefinitely.

    • Gigi
      July 27, 2021 at 4:14 am

      You go girl

  • Charlee Smith
    August 7, 2021 at 10:14 pm

    My letter says my name, driver’s license, date of birth, and SOCIAL SECURITY NUMBER were affected. I’m sorry but one little year of credit monitoring is not enough compensation for that.

  • sherri
    August 28, 2021 at 8:10 am

    my husband and i both recieved a letter on breach, we had idenity theft last sept til march 2021 my accts were froze because of 5 transaction from a bank of negaro, in Indonesia, 2 months before, a person ordered levis from the online store with 200 others who also were idenity thefted. but levi woukd not give up address the package went to., police report, and some otger calls with screen shots of all idenitys stolen and ordered from and channel 8s story on it. 2018 rapid cash approved a online cash loan on a deceased (2016 mom nlaws car, now in our name, it was nit registered or insured in my driveway, they had no picture id on who got the $, they approved 800 over kbb price if in bad condithe ion and it was in horrible condition. we asked to see the paper wk on line, we have no rapid cash loan history, i cashed my paychecks at tge one ok n eastern flamingo, were i worked at red lobster 14 years. i laughed at them told them we had a credit freeze, after we got our home loan, in 2014. our credit union whom we secured our mortgages with suggested it, after our credit was run without our knowledge during closing of our house. i called dottys, they employee had no idea what j was talking about she hadnt heard of that and assured me i was wrong, i read the letter out loud , pissed off how did she not know, had no one since the breach, mentioned this since publically announced 7 months after actual breach happened not asked about it or mentioned in company meetings. so i went in to the closest, of 3 in a couple blocks around my house, this stores employee acted like we were up to something, looked at us like we were crazy and rolling her eyes, she said no idea what your talking about. so last week our hospital, umc sent me a letter about their breach, of my burn unit files n records with all info compromised, i went on idx, using idx to give us so called protection. i set it up. but we cant find the dottys letters with our idx code for free protection, for only a year but they’ve known about breach for over 7 months. we have missed placed our letters, im sure i put them up so not get lost, so you only have 60 days to use codes and not being able to get a company employee to help or to get a common code or are each customers, whose id was compromised, do we all, have separate codes. well if only a employee knew about this breach or what is going on. or wasn’t instructed to play dumb. i am calling a lawyer on monday, maybe they can, or fbi, or police dept can get a real employee who is in the inner circle to know the good n bad of a company, whose design is to keep customers, drunk, gambling and not where they belong , at home, with paychecks in pockets. i really have a dislike for dottys but now with the not being able to get answers, 3 strike they are out of here. and contract signed that hubby steps foot in a dottys or any restaurant services properties its divorce and i get it all, plus alimony. im over it all id asking companies, getting a issued ss# replacement a nev id , reserve drivers liscense for real responsible companies so ive been tgru alit and equifax and both others had a credit freeze on me placed by us , all the breaches n freezes still happened. even a credit card freeze did not protect by card company paid for by us did nit stop the problems. i give up.

Leave a Reply

Your email address will not be published. Required fields are marked *