In the wake of a cyber breach at the renowned Casino Del Sol in Tucson, Arizona, the FBI and local law enforcement have launched a thorough investigation, shedding light on the escalating concerns surrounding cybersecurity within the casino realm. This incident, which led to a significant disruption in services, amplifies the vulnerabilities prevalent in the industry and underscores the urgent need for heightened security measures

Casino Del Sol Responds Swiftly to Cybersecurity Breach, Maintains Core Services

Upon uncovering unauthorized attempts to breach its network, Casino Del Sol promptly took action, notifying the public through its official channels and swiftly suspending various services, including casino credit, cash transactions, and ATM services, among others, reported BNN Breaking. 

While essential gambling services like poker, slot machines, and table games remained operational, the disruption affected critical functions, necessitating immediate attention to restore normalcy.

In a bid to mitigate the fallout from the breach, the casino resorted to cash-only transactions at its dining establishments and bars, ensuring minimal disruption to guest experiences. Despite these measures, guests encountered inconveniences such as malfunctioning electronic room keys, prompting staff to assist with manual access to rooms—a testament to the widespread impact of the breach on day-to-day operations.

Such incidents not only undermine consumer trust but also pose significant financial risks, as evidenced by the estimated $100 million cost incurred by MGM Resorts International following a similar cyberattack in 2023.

Casino Del Sol Apologizes, Highlights Urgent Need for Cybersecurity Measures

In response to the breach, Casino Del Sol apologized for any disruptions caused to its patrons and reaffirmed its commitment to prioritizing guest safety and security. The incident serves as a poignant reminder of the evolving nature of cyber threats and the imperative of proactive measures to safeguard sensitive data and maintain operational continuity.

At the beginning of February, cybersecurity expert Dan Lohrmann warned of the persistent threat of cyberattacks targeting casinos, citing the incidents involving major gambling operators like MGM Resorts International and Caesars Entertainment. 

Despite efforts to mitigate risks, the industry remains vulnerable, with Lohrmann emphasizing the importance of proactive monitoring and strategic action to reduce the likelihood of breaches and ransomware attacks. 

Lohrmann’s insights highlighted the urgent need for enhanced cybersecurity measures across the gambling sector in response to escalating cyber threats. As authorities delve deeper into the investigation of the cyber breach at Casino Del Sol, the broader implications of the attack reverberate across the casino industry, prompting a reevaluation of existing security protocols and crisis management strategies.

The post FBI Probes Cybersecurity Breach at Tucson’s Casino Del Sol appeared first on Keno Wizard.

Rivers Casino Des Plaines, located in Illinois, is confronting a proposed class-action lawsuit stemming from a cyberattack in August that exposed the personal information of thousands of individuals. 

Rivers Casino Lawsuit Highlights Security Gaps and Potential Identity Theft Dangers

Lead plaintiff Michael Glebiv, among over 100 individuals already included in the class action, claims that he would not have entrusted his personal information to Rivers Casino had he been aware of the inadequate data security measures in place.

The cyberattack, occurring around August 12 but only discovered in early November, targeted Rivers Casino Des Plaines’ IT network. The compromised information includes employee and patron names, along with sensitive data such as addresses, dates of birth, Social Security and passport numbers. 

While the casino asserts that the cyberattack did not disrupt its operations, a cybersecurity firm investigating the breach emphasizes the potential risks of identity theft due to the stolen personal information.

The class-action lawsuit comprises five counts, encompassing negligence, negligence per se, breach of implied contract, unjust enrichment, and violation of the Illinois Consumer Fraud Act. 

The lawsuit contends that the casino was aware of the value of the unprotected personally identifiable information it held, making it a prime target for cybercriminals seeking unauthorized access to monetize the stolen data.

Rivers Casino Assists Plaintiffs and Offers Identity Protection

Rush Street Gaming, the Chicago-based parent company of Rivers Casino, has not yet issued a legal response to the allegations. However, the company maintains that it employs robust security protocols and promptly took steps to contain and secure its systems upon detecting the cyberattack. 

Despite the casino’s assurances that there is no indication of financial fraud or identity theft linked to the incident, complimentary identity monitoring and protection services are being offered to potentially impacted individuals.

As the lawsuit unfolds, Rivers Casino Des Plaines is actively assisting the affected plaintiffs in the class action, providing services such as placing Fraud Alerts and Security Freezes on credit files, as well as offering dedicated and confidential support through a toll-free response line.

This legal action follows Rivers Casino’s belated revelation of the data breach in November, nearly three months after the cyberattack occurred. Unlike similar incidents affecting MGM Resorts and Caesars Entertainment, Rivers Casino did not receive an immediate ransom demand. 

Customers of Caesars Entertainment and MGM Resorts International have also filed five class-action lawsuits in Nevada District Court, alleging that the casino giants failed to protect important customer data during the cyberattacks. 

The plaintiffs claim that the companies were aware of the significance of consumer data but did not adhere to Federal Trade Commission guidelines, potentially exposing affected customers to a heightened risk of identity theft. The lawsuits seek compensation for the perceived lack of diligence.

The post Rivers Casino Des Plaines Faces Legal Action Following Data Breach Revelation appeared first on Keno Wizard.

Levi & Korsinsky, a prominent law firm, has united individuals affected by the recent Caesars Rewards Casino data breach to participate in a potential lawsuit. The cyberattack compromised the personal information of more than 65 million Caesars Rewards members, raising concerns of potential fraud and identity theft. However, it is yet unclear whether the victims can receive compensation.

The Firm Will Help Protect Customer Rights

Levi & Korsinsky is inviting individuals who have received notifications regarding the data breach to get in touch. The law firm stressed that participation in this process carries no cost or obligation. Levi & Korsinsky will ascertain whether those impacted by the breach are eligible for compensation and may pursue legal action.

The potential compensation concerns Caesars Rewards members who received an official notice regarding the data breach involving their personal information. Cyberattacks of this nature often contain malicious intent, as hackers may seek to sell the stolen data on the dark web, engage in identity theft, or commit financial fraud. Companies may bear responsibility for not adequately safeguarding their customers’ privacy in such cases.

This announcement comes amid a series of data breaches that have affected companies in the gaming and entertainment industry. MGM Resorts and Caesars Entertainment have faced class-action lawsuits alleging their failure to protect customer data. Levi & Korsinsky’s involvement may herald a turning point for these legal battles as the company possesses substantial experience with such cases.

Cyberattacks Are an Everpresent Danger

A recent Microsoft report tied the cyberattacks against Caesars Entertainment and MGM Resorts International to a broader hacker collective known as Octo Tempest. The attackers are infamous for many successful attempts on wealthy individuals’ wealth and assets. A Bloomberg report alleged that Caesars paid millions to the attackers to preserve critical company data.

Despite the hacking incidents and following legal actions, Caesars and MGM have reported impressive financial results for the respective quarters following the data breaches. Caesars revealed consistent growth in land-based and online operations, contributing to its total net revenue of nearly $3 billion.

While the hacking debacle temporarily affected some venues, business has returned to normal.
The ongoing lawsuits highlight the importance of cybersecurity measures and proper training. Groups like Octo Tempest primarily rely on social engineering to obtain vital credentials and gain access to restricted systems. The recent attacks represent a costly wake-up call for the gambling industry as leading operators scramble to update their protocols at the risk of another major breach.

The post Law Firm Unites Victims of the Caesars Data Breach appeared first on Keno Wizard.

Crown Resorts, one of Australia’s leading casino operators, has been hit with a substantial fine of AUD20 million ($13.8 million) by the Victorian Gambling and Casino Control Commission (VGCCC). The issue was initially uncovered during the 2021 Royal Commission probe into Crown Melbourne, which revealed that Crown had disguised promotional costs as winnings in order to claim tax deductions.

Crown Resorts Concealed Tax Failings, VGCCC Discovers

The VGCCC discovered the tax failings among the extensive documents disclosed by Crown during the Royal Commission probe, reported The Sydney Morning Herald. The commission also found that Crown had deliberately concealed the nature of these deductions.

Crown Melbourne, the flagship casino of the company, has accepted its wrongdoing and has paid approximately AUD61.5 million ($42.4 million) to the state of Victoria. This amount includes unpaid casino tax of about AUD37.4 million ($25.7 million) and penalty interest of approximately AUD24.1 million ($16.6 million). The AUD20 million fine imposed by the VGCCC is in addition to these payments.

Fran Thorn, the chairperson of the VGCCC, stated that Crown’s breach of its tax obligations and its efforts to conceal the improper deductions were unacceptable. Thorn emphasized the importance of gaming licensees complying with their tax obligations and maintaining transparency in their dealings with regulators. As a result of Crown’s actions, the VGCCC has imposed a significant fine to send a strong message that such behavior will face severe disciplinary action.

Crown Resorts’ Chief Vows Cultural Overhaul

Crown Melbourne’s chief, Mike Volkert, expressed the company’s acceptance of the outcome and its commitment to a cultural overhaul under new ownership. Crown Resorts was acquired by Blackstone Capital for AUD8.9 billion ($6.1 billion) in May of last year. Volkert assured regulators and stakeholders of Crown’s dedication to open and transparent relationships, improved internal controls, and regulatory reporting requirements.

This is not the first time Crown has faced substantial penalties. Earlier this year, the company and the Australian Transaction Reports and Analysis Centre (AUSTRAC) proposed an AUD450 million ($309.8 million) penalty for extensive anti-money laundering and counter-terrorism failings at Crown Perth and Crown Melbourne. If approved, this penalty would be one of the largest in Australian corporate history.

Crown Resorts has been under scrutiny since 2019 when an investigation revealed its vulnerability to international criminal syndicates and money launderers. Subsequent government inquiries have deemed the company unfit to hold a casino license, preventing the opening of its high-rise casino at Sydney’s Barangaroo. The ongoing legal and regulatory challenges have forced Crown to reevaluate its practices and work towards regaining trust and compliance with industry standards.

The post Crown Resorts Slapped with $14M Fine for Tax Obligation Breach appeared first on Keno Wizard.

The leading entertainment group, operator, and developer of integrated resorts from the land Down Under has announced that a ransomware group had reached out to them with claims of accessing “a limited number of Crown files”. 

The incident occurred during a file transfer procedure via the GoAnywhere platform. The latter offers managed file transfer software provided by US-based cybersecurity company Fortra.

No Customer Data Was Been Comprised 

According to a Crown Resorts spokesperson, the company’s operations have not suffered any impact as a result of the data breach. At the same time, there were no customer data breaches reported. 

The group that owns Crown Melbourne, Crown Perth, Crown Sydney, and Crown London Apinalls further explained that an investigation into the claims of the ransomware group and the truth behind them has been initiated. 

The spokesperson added that the group has already notified its gaming regulators and that it will continue to offer “relevant updates” while expressing the intention to collaborate with law enforcement. 

The suspicious activity at the file transfer platform was originally identified and reported by Fortra, almost two months ago. A number of other groups and companies were allegedly impacted as a result of the same breach, including mining company Rio Tinto. 

While the ransomware group threatened they would release the stolen Rio Tinto data including payroll information of a limited number of employees onto the dark web, this has not yet occurred. 

Similar to Crown Resorts, the mining giant is still investigating the truthfulness behind the cybercriminal group’s claims. So far, the leading global mining group with a focus on mining and processing mineral resources has found an indication of a “possibility that Rio Tinto data may be impacted”.

At the end of November 2023, Crown Resorts released the results for the financial year up to June 30, marking AU$945 million ($633 million) in losses.  

Rising Number of Cybersecurity Breaches 

In recent weeks, an increasing number of international companies and government institutions have reported similar data breach incidents in connection to the same GoAnywhere platform. 

Among them, we can mention Hitachi Energy, Hitachi’s Japanese unit that also reported a ransomware attack by a cybercriminal group called “CL0P”. The attack resulted in cybercriminals getting unauthorized access to their employees’ data in some countries.

The same CL0P group also explored the security vulnerabilities in the servers belonging to California-based Accellion in 2021. This resulted in a number of data breaches in several important institutions including the Reserve Bank of New Zealand, Morgan Stanley, and Kroger Co. 

US exchange Community Health Systems also confirmed that the personal and medical data of around one million individuals may have been subject to a security breach in relation to the same Fortra-owned managed file transfer software.

The post Crown Resorts Reports GoAnywhere Data Breach appeared first on Keno Wizard.