Social Media Rumors: New Cyber Attack at Caesars?

Rumors of a new cyber threat at Caesars Entertainment are spreading fast on social media. Many are drawing parallels to 2023, when the company paid $30 million after hackers breached its defense systems and threatened to reveal confidential data to the public. 

What Happened in 2023

The attack was initiated on August 27, 2023, by a group that goes under the name Scattered Spider or UNC 3944, made up of tech-savvy young people across the United States and the United Kingdom.

The hackers initially targeted an outside IT vendor and later on got access to Caesars’ network, relying on social engineering to take hold of critical company data.

The hackers allegedly demanded tens of millions of dollars in ransomware money that the casino company had no choice but to pay. Their call prevented the operational shutdowns that MGM Resorts experienced after refusing to pay, when its official website temporarily went offline. 

MGM then attempted to mitigate the issue by offering dedicated phone numbers aimed at customers who needed to make reservations or reach individual properties.

Besides the website outage, customers attempting to log on to the company’s BetMGM website in Nevada reported having trouble. This widespread disruption has left patrons and investors concerned about the company’s potential financial impact.

“Here We Go Again”

A Las Vegas-based influencer shared internal messages on X, warning of a “spike in phishing attempts” targeting employees. Attackers are reportedly impersonating Caesars IT, cybersecurity, HR, and even trusted vendors. 

The messages warned that employees were receiving calls, emails, and texts appearing to come from Caesars.

Vital Vegas, which posted the messages, later added that staff “have lost mobile access to Okta,” the login management software that was a major vulnerability in the 2023 breach.

The X post quickly gained traction, attracting nearly 30,000 views and comments from former employees. 

Ex-MGM worker Whitney Dawe wrote, “here we go again.” Another user noted, “Better ramp up personal at the help desk” while a different one stated, “I’m sure Caesars was warned this would happen. It’s just one of the downsides of paying up.”

Last month, it was reported that Wynn Resorts allegedly fell victim to a far-reaching data breach that triggered the loss of 800,000 internal records.

A specialist media publication that interviewed the perpetrators who go by the name the ShinyHunters learned that their hefty demand to prevent a leak was $1.5 million in Bitcoin.

The hackers allegedly obtained sensitive information, including social security numbers, phone numbers, birth dates, email addresses, job titles, and salaries of both present and former employees.