Swinomish Casino & Lodge, nestled in Anacortes on the Washington coast, has been forced to shutter its doors until further notice following a suspected cyberattack. The casino, owned and operated by the tribal community, announced this news on its website on Wednesday, leaving patrons and employees in limbo. Casino management has not shared details regarding the incident, raising fears of a potential data breach.

The Venue Released Little Relevant Information

The sudden closure has left employees and patrons perplexed, with little communication from management regarding the situation. While the lodge remains open, the venue only honors existing reservations, leaving potential guests in the dark. The casino released an official statement regarding the ongoing issues, but the update contained little relevant information.

According to the official announcement, guests with existing reservations affected by the incident would receive refunds as they can only access the lodge and RV park. The casino admitted that the disruption was due to a cyberattack incident necessitating the closure of the casino and all restaurants on the property.

Swinomish Casino & Lodge added they were cooperating with authorities and cybersecurity experts to resolve this issue, adding they would contact affected customers in case of a data breach. The venue reassured patrons it would post an update on its Facebook page as soon as its systems returned online but did not disclose any concrete timeframe. 

Cyberattacks Represent an Industry-Wide Concern

This disruption is not the first time Swinomish Casino & Lodge has faced closure, with the last prolonged shutdown occurring in March 2020 due to COVID-19 safety measures. However, the ongoing closure has cast uncertainty over when operations will resume, leaving troubled employees and patrons awaiting updates. Many visitors wishing to visit for the weekend had to return, expressing their disappointment in the sudden shutdown.

Local news outlet KIRO 7 investigated the matter, contacting former employee Greg Sullivan, who revealed that the incident was highly unusual. He noted that closures on a  Friday or a Saturday night were something the casino tried to avoid at all costs, highlighting the severity of the issue. He expressed concern regarding the staff who depended on tips to make ends meet.

This impact is substantial on the workers, particularly the ones that are not salaried employees. The public absolutely deserves the truth.

Greg Sullivan, former employee

Despite limited information, this case resembles 2023’s cyberattacks against gambling giants like Caesars and MGM. These incidents caused significant customer data leaks, causing substantial damage to the affected operators. Although the increasing frequency of such cyberattacks should serve as a warning for the broader industry, this newest case indicates that many casinos may still be vulnerable.

The post Swinomish Casino & Lodge in Anacortes Closed Due to Cyberattack appeared first on Keno Wizard.

Two individuals, Nathan Austad, 19, of Farmington, Minnesota, and Kamerin Stokes, 21, of Memphis, Tennessee, have been indicted for their roles in the November 2022 DraftKings cyberattack. They allegedly misused the illegally obtained data for personal gain, selling confidential information and inflicting damage on the operator and its clients. Joseph Garrison, a third co-conspirator, has already pleaded guilty.

The FBI Presented Substantial Evidence

Austad and Stokes, arrested on 29 January, face charges including conspiracy to commit computer intrusion, unauthorized access to a computer, wire fraud, wire fraud conspiracy, and aggravated identity fraud. If convicted, they could face up to 20 years in prison. Their attack targeted roughly 60,000 DraftKinds accounts, gaining illegal access via other data breaches.

The attackers used various tactics, including registering new payment methods, to withdraw funds from victim accounts. They also sold access to the compromised accounts in bulk through underground shops, some of which they directly controlled. Stokes reportedly purchased access to accounts in bulk from Joseph Garrison, a third co-conspirator, amounting to over $125,000 in total value, and sold them via his online shop. 

Stokes advertised the compromised accounts on his shop through Instagram, contributing to the FBI’s investigation into the case. Authorities highlighted Austad’s use of artificial intelligence image generation tools to create images promoting his shop of stolen user accounts. Additionally, he managed cryptocurrency wallets that received approximately $465,000 in proceeds from credential-stuffing attacks and the sale of compromised data.

Gambling Operators Must Swiftly Adapt to Such Threats

Joseph Garrison, a core member of the hacking group, was indicted on 18 May 2023 for his involvement in the scheme. Garrison had already surrendered and pleaded guilty in November, awaiting sentencing on 1 February. Austad, Stokes, Garrison, and other collaborators are estimated to have collectively stolen about $600,000 from approximately 1,600 victim accounts.

DraftKings has reimbursed all the stolen money from customers, noting that the security of clients’ personal and financial information was vital to the company. The operator is another high-profile victim of cyberattacks and has taken extensive measures to prevent similar occurrences. Such attacks can have more than just a financial cost, damaging the company’s reputation.

Cyberattacks are growing increasingly more sophisticated, targeting all manner of businesses and posing a great risk to economic security.

FBI Assistant Director in Charge James Smith

This incident highlights the ongoing threats and challenges for online platforms, especially those in the gambling and fantasy sports sectors. Credential stuffing attacks remain a significant risk, emphasizing the need for robust security measures and user education to prevent unauthorized access to accounts. Hopefully, more operators will take notice of this case and take preemptive action, ensuring the safety of their customers.

The post Two More Individuals Indicted for DraftKings Cyberattack appeared first on Keno Wizard.

The Nevada Gaming Control Board’s website has been offline for several days due to a cyberattack. 

Nevada Gaming Control Board Implements Temporary Measures after Cyberattack

Reports indicate that the cyberattack targeted the public-facing websites of both the Nevada Gaming Control Board and the Nevada Gaming Commission, the bodies responsible for regulating the state’s gaming industry. 

The affected website contained various essential information such as agency meeting agendas, gaming regulations, press releases, public statistics, contact details, and biographies of board and commission members.

Fortunately, gaming license details and financial records were stored on a separate internal state agency system, ensuring their protection from the cyberattack. 

The Nevada Gaming Control Board released a statement via its social media channels, confirming the incident and outlining the steps taken to mitigate the damage. According to the statement, immediate measures were initiated to safeguard the website by taking it offline. 

The board is currently collaborating with cybersecurity experts to thoroughly assess the situation. In the meantime, preparations are underway to publish a temporary website for individuals seeking access to information.

Nevada Gaming Control Board Takes Steps Against Cyber Threats

It is worth noting that the cyberattack seems to have exclusively targeted the gaming control board’s website, with no reported impact on other state agencies, which continue to operate normally. Even the monthly meeting of the Nevada Gaming Commission proceeded as scheduled, with no mention of the incident.

This cyberattack follows closely on the heels of high-profile attacks on major casino operators in Nevada, including MGM Resorts International and Caesars Entertainment, last September. These attacks resulted in significant financial losses and reputational damage to the affected companies.

In Nevada District Court, customers of Caesars Entertainment and MGM Resorts International even initiated five class-action lawsuits. These suits allege that the casino companies neglected to safeguard crucial customer data during the cyberattacks, contrary to Federal Trade Commission guidelines. 

Last June, Nevada lawmakers approved funds for upgrading the Nevada Gaming Control Board’s information technology system, a move aimed at replacing the outdated system from the 1980s. This system, separate from the website, plays a crucial role in running board functions. The upgrade was deemed necessary to ensure the security and efficiency of the board’s operations in the face of evolving cyber threats.

As inquiries into the recent cyberattack progress, stakeholders express optimism that actions will be implemented to strengthen the cybersecurity framework, thereby protecting against potential disruptions to essential state operations in the future.

The post Nevada Gaming Control Board Website Hit by Cyberattack appeared first on Keno Wizard.

The global gaming and entertainment company, MGM Resorts International, released its latest unaudited financial report, revealing details regarding its performance for the third quarter of 2023. The new report covers the three-month period ending September 30, 2023, revealing strong growth of consolidated net revenues. Overall, MGM Resorts posted consolidated net revenues of $4 billion. This result, when compared to the corresponding period in 2022, represented an increase of 16%.

The company explained that the strong growth was the result of the outstanding performance of MGM China in light of the lifted COVID restrictions in Macau. The strong performance of MGM China was able to partially offset the impact of the cyberattack against the company that disrupted its Las Vegas and regional operations. Additionally, MGM China’s performance helped cushion the impact of the dispositions of The Mirage, as well as Gold Strike Tunica.

In its trading update, the company revealed that net revenue for its Las Vegas Strip Resorts decreased by 8% to $2.1 billion. Regional operations for Q3 this year also marked a decrease with revenues down 5% to $925 million. In contrast, MGM China’s revenues for the latest trading period soared. According to the recent report, MGM China’s net revenues hit $813 million, up by a staggering 829% when compared to the $87 million result from Q3 in 2022.

The Company Enjoys Progress in Osaka

Besides the strong performance of MGM China, MGM Resorts reminded of its progress in the Asia region. In Q3 this year, the company was able to finalize the certification process in Japan by signing an Implementation Agreement for its integrated resort in Osaka. This marked a major step for the project in the region.

Further details within MGM’s recent report reveal that its operating income for Q3 this year hit $370 million. In contrast, for the same period in 2022, the company posted an operating loss of $1.0 billion. According to MGM, the positive result this year comes after an increase in its net revenues in combination with decreasing amortization expenses.

After the Cyberattack, MGM Is Stronger than Before

Jonathan Halkyard, MGM Resorts’ CFO and treasurer, revealed that the company continues to explore options for share repurchases as an “attractive opportunity” to return value to its shareholders. “Year-to-date, we have repurchased approximately $1.7 billion in stock. Our buyback program totals $6.2 billion since the beginning of 2021, reducing our share count by over 30%,” he explained.

“We started the quarter with great momentum across our businesses. While we were faced with a difficult cybersecurity issue in September, our employees rose to the occasion with incredible resilience and determination.“

Bill Hornbuckle, CEO and president of MGM Resorts

Bill Hornbuckle, MGM Resorts’ CEO and president, explained that the company started Q3 with a positive momentum. He acknowledged that in September, MGM was impacted by an unprecedented cybersecurity issue. However, according to Hornbuckle, the company’s dedicated team of experts showed resilience that helped it overcome the incident. He added that after the incident, MGM emerged stronger than before.

Hornbuckle spoke about the solid performance of MGM China that helped offset the negative impact of the cybersecurity issue. Focusing on the future, he said that the company is looking forward to the upcoming F1 Grand Prix in Las Vegas and the debut of the MGM Collection with Marriott Bonvoy.

In Q3 2023, MGM posted a net income of $161 million, compared to a net loss of $577 million for the corresponding period last year. The recent trading update revealed that consolidated adjusted EBITDAR in Q3 this year was $1.1 billion.

The post MGM Reports Strong Q3 Results despite September Cyberattack appeared first on Keno Wizard.

The leading gaming, hospitality and entertainment giant, MGM Resorts International, became a victim of a cyberattack back in September. At the time, the operator confirmed issues with bookings, hotel electronic doors, some slot machines, as well as other amenities. After the initial attack, MGM was able to recover and resume its operations while at the same time rejecting the option to pay ransom.

The cyberattack impacted MGM’s performance, resulting in a dip in its shares. Currently, the company’s stock trades in the $36 range. However, one analyst predicted a rebound and remained optimistic about MGM’s future performance, despite the devastating attack. As announced by CDC Gaming Reports, Carlo Santarelli, an analyst for Deutsche Bank, remains optimistic about MGM, explaining that the cyberattack only briefly impacted the company’s performance.

Speaking about the current stock, the analyst said it is “very cheap.” Yet, Deutsche Bank’s assessment of MGM’s target price stock remains high, decreasing slightly from $57 to $56. This assessment comes ahead of the release of the operator’s third quarter results which are expected on November 8, 2023, and takes into consideration the recent cyberattack.

Earlier this month, MGM confirmed it expects the impact of the cybersecurity issue to be reflected in its Q3 2023 earnings. At the time, the company estimated a reduction of approximately $100 million in adjusted EBITDAR for September. With that in mind, Santarelli explained: “The impact from one-time expenses related to the breach is expected to be less than $10 million in the third quarter, and we do not believe these expenses will be reflected in adjusted EBITDAR, as they are expected to be covered by insurance.”

Impact of Cyberattack Evident in September’s Results

The analyst spoke about the impact of the cyberattack on the third quarter results. Still, Santarelli said that the results in September were primarily impacted by the cyberattack but figures from July and August remained “essentially flat.”

While MGM’s performance was impacted last month with occupancy decreasing to 88%, lower than the 93% recorded for the corresponding period in 2022, performance this month is expected to be nearly on par. MGM is expected to report occupancy for October of 93%, slightly below the October 2022 result of 94%.

“The deceleration in the third quarter, however, was largely a result of September performance and we believe primarily relates to the cyber-security incident, as well as the reporting of GGR related to the incident.“

Carlo Santarelli, analyst for Deutsche Bank

Recently, another analyst predicted that MGM will quickly recover from the cyberattack. David Katz, an equity analyst predicted that the company’s stock is likely to rebound in the near future, hitting $69. Moreover, he explained that the cybersecurity issue isn’t likely to impact the business in the long term.

The post Deutsche Bank Analyst Optimistic about MGM after Cyberattack appeared first on Keno Wizard.

Several weeks ago, the casino giant MGM Resorts suffered a devastating cyberattack that forced it to shut down multiple systems. In the wake of the attack, the company was warned that its credit score might be lowered while its stock plummeted. Equity analyst David Katz, however, is optimistic that the casino juggernaut will make a quick recovery.

According to Katz, the casino and hospitality company’s stock, trading for $36.93 as of the time of this writing, is likely to rebound to $69 in the near future.

Katz told investors that the cyberattack is a singular event that is unlikely to affect MGM’s business in the long term. While the attack is certainly going to impact the casino company’s Q3 and probably Q4 results, much of the impact is likely to be covered by insurance, leaving the 2024-2025 time frame intact.

Katz has decreased his estimates for MGM Resorts’ Fiscal Year 2023 results. Previously projecting $15.461 billion in revenue and $4.642 billion in adjusted cash flow, the analyst now projects $15.251 billion in revenue and $4.51 in adjusted cash flow.

MGM Is Poised for Quick Recovery

Commenting on the attack, Katz said that it was the result of a single human error. In any case, the attack, which was part of a larger operation affecting several companies, presents a “set of issues on how companies deploy resources to mitigate risk,” Katz added.

In addition, he pointed out that the presence of insurance provides MGM with a lifeline that will likely prevent a lingering impact on its shares. The upcoming Formula One Las Vegas Grand Prix and Super Bowl game in Las Vegas will likely make up for much of MGM’s losses, Katz predicted.

Katz concluded that MGM Resorts is poised for success in Las Vegas and is already recovering in Macau, sparking optimism about future trading.

In other cyberattack-related news, MGM Resorts recently contacted its loyalty members, promising them that their loyalty will be rewarded “to the fullest and more.” The company asked its customers to remain patient and be on the lookout for further announcements.

Despite MGM’s best efforts to make things right, certain MGM players launched lawsuits against the company because their data got compromised. Affected Caesars Entertainment customers launched similar lawsuits.

Speaking of Caesars, the MGM competitor recently offered two years of IDX services to its loyalty program members whose data got compromised.

The post Analyst Trusts MGM Resorts Shares to Hit $69 despite Recent Cyberattack appeared first on Keno Wizard.

American gambling and hospitality juggernaut MGM Resorts International recently suffered a devastating cybersecurity issue that forced it to shut down computers and websites and crippled its operations. In one of its latest statements, the company revealed that its properties are now operating normally.

MGM Resorts informed consumers that its employees are ready to help guests with any intermittent issues. The company also announced that any reservations booked between September 13 and 24 can be canceled or changed without any fees.

We are pleased that all of our hotels and casinos are operating normally. Our amazing employees are ready to help guests with any intermittent issues. We thank you for your patience and look forward to welcoming you soon.

MGM Resorts statement

However, the company noted that certain loyalty program functionalities may still be unavailable. At the time of MGM’s notification, the online reservation system was still down, which is why the company prompted customers to book reservations at 877-353-987.

MGM Resorts did not disclose when it expects these offerings to become available again.

The Casino Giant Is One among Multiple Victims

MGM Resorts was hit by a cyberattack it described as a “cybersecurity issue” earlier this month. The attack came around the same time Caesars Entertainment was also targeted by hackers.

Later identified as the Scattered Spider group, the hackers reportedly used social engineering to gain hold of valuable company data. The attack caused Moody’s to warn MGM Resorts that its credit rating might be lowered. At the time, MGM Resorts refused to comment.

In the meantime, reports claimed that Caesars Entertainment had been forced to pay a ransom to the hackers in order to secure its business.

Identity management specialist Okta recently spoke with Reuters on the matter, confirming that the ones behind the attack are the ALPHV and Scattered Spider groups, likely working in tandem. Okta noted that MGM Resorts and Caesars Entertainment are not the only victims of the cyberattacks, disclosing that three other companies were also affected.

Elsewhere, the online crypto betting giant Stake.com also suffered a cyberattack. According to the FBI, the crypto casino was targeted by the notorious North Korea-backed Lazarus Group, which stole tens of millions of dollars in cryptocurrencies from the company.

The post MGM Recovers in the Wake of a Devastating Cyberattack appeared first on Keno Wizard.

A few days ago, Stake.com, one of the biggest online operators in the world, suffered a devastating cyberattack, losing a whopping $41.35 million in cryptocurrencies in the process. This forced the company to temporarily halt withdrawals and implement measures to ensure the funds of its users are safe.

Stake.com resumed its services a few hours later. Beosin later provided details about the money Stake.com lost, noting that the first transaction on Ethereum was $3.9 million in stablecoin Tether. Another $9.8 million in Ether, $1.1 million in USD Coin and $900,000 in Dai were also withdrawn.

In the meantime, the cyberattack also targeted Polygon and BNB Smart Chain, resulting in the withdrawal of $7,825,000 and $17,825,540, respectively.

Following a swift investigation, the United States’ Federal Bureau of Investigation has now announced that the one behind the attack is the infamous Lazarus Group, a notorious group of hackers and cybercriminals from the Democratic People’s Republic of Korea.

The FBI also listed the virtual currency addresses the stolen Stake.com money was transferred to. The data is available on the agency’s official website.

The Lazarus Group Is Notorious for Its Attacks

The FBI noted that the Lazarus Group is also responsible for other high-profile international virtual currency heists. The agency noted that this year alone has seen DPRK cyber actors steal more than $200 million. For reference, this includes the $60 million of virtual currency stolen from Alphapo and CoinsPaid in July, as well as approximately $100 million of virtual currency stolen from Atomic Wallet in June.

In addition to the recent thefts, the FBI has also previously provided information about the attacks against Harmony’s Horizon bridge and Sky Mavis’ Ronin Bridge. The Lazarus Group was also sanctioned in 2019 by the Office of Foreign Assets of the US Department of Treasury.

The FBI noted that a cybersecurity advisory is available on TraderTraitor. The body urged private sector companies to review the advisory and remain wary when dealing with one of the addresses now listed on its website.

In the meantime, the FBI remains committed to combating the DPRK’s use of cybercrime. The agency slammed the hacker’s efforts to steal virtual currency to fuel the regime.

The post FBI Blames Lazarus Group for $41M Stake.com Cyberattack appeared first on Keno Wizard.

Aristocrat Leisure, a global gaming content and technology company, just suffered another devastating cyberattack. As a result, personal information belonging to employees was leaked.

According to the company, a criminal hacker exploited a newly identified vulnerability in MOVEit, a third-party file-sharing software employed by Aristocrat.

The announcement claims that the hacker leveraged the vulnerability to extract data from a company server. Unfortunately, personal information belonging to Aristocrat employees was also compromised in this process.

To make matters worse, the criminals have already published extracts of the stolen data on the web.

As a company committed to high probity standards and the protection of its employees’ privacy, Aristocrat took immediate action to patch up the aforementioned vulnerability.

The company listed the steps it has taken to protect its business from further harm. First of all, Aristocrat immediately took action to contain the incident and remediate the MOVEit software vulnerability.

In addition, the company contacted law enforcement bodies and relevant regulators about the incident. At the same time, Aristocrat is now working with independent experts to determine the nature of the stolen data and mitigate the damages.

Finally, Aristocrat advised all of its employees to protect their data and offered them complimentary credit monitoring and identity theft protection services.

Aristocrat added that it has assessed the potential impact on its business. The company is certain that its quick action will mitigate the damages. The company vowed to remain vigilant and serve the interest of its employees and stakeholders.

Based on the information available as of this date, Aristocrat expects low business impact with the execution of an appropriate risk management and mitigation plan. We will continue to manage this incident proactively and comprehensively, in the best interests of our people, business and other stakeholders.

Aristocrat’s Business Is Doing Well Despite the Attack

The cyberattack aside, Aristocrat’s business has been doing well, as affirmed by its stellar financial results. In H1, the company metrics skyrocketed, highlighting the efficiency of Aristocrat’s business strategy.

The company is currently exploring options for further growth, including the proposed acquisition of NeoGames. Aristocrat’s chief product officer, Matthew Primmer, argued, that the billion-dollar deal will enable Aristocrat to enter the iGaming and iLottery verticals. The arrangement secured the approval of an overwhelming majority of NeoGames’ shareholders.

Meanwhile, Aristocrat prepares to launch its first NFL slot machine in September 2023, just in time for the upcoming football season.

The post Aristocrat Suffers Cyberattack, Implements Remediation Measures appeared first on Keno Wizard.