
Casino Companies Lose $$$ MILLIONS From Cyber Attacks


A series of hacking incidents has hit both brick-and-mortar and online casinos over the past few months, leaving corporate executives, IT personnel, and accounting departments reeling. The total damages experienced by these major gaming concerns exceed $150 million. The victims include such big names as MGM Resorts, Caesars Entertainment, Rivers Casino, and Stake.com.

A string of hacking incidents has affected major gambling corporations

Caesars Customer Data Stolen


Beginning in late August, Caesars – host of the annual World Series of Poker – was targeted by cyber criminals who allegedly employed social engineering techniques to gain access to customer records from a “third party support vendor.” A large number of social security numbers and driver’s license numbers were hijacked by the hackers although Caesars denied that any passwords, credit card numbers, or banking details were compromised.

Caesars Owns the Horseshoe and Several Other Las Vegas Resorts. Operations at the Horseshoe and other Caesars resorts were not significantly impacted by the security breach.

Caesars' normal day-to-day operations don’t appear to have been affected by this incident. Indeed, it was only on Sept. 14 that this information became public when the company filed a report about it with the Securities and Exchange Commission.

According to widely reported information, Caesars paid a ransom of approximately $15 million to the hackers in exchange for a promise to delete the stolen data. This is alluded to obliquely in the SEC filing with the sentence: “We have taken steps to ensure that the stolen data is deleted by the unauthorized actor, although we cannot guarantee this result.”

MGM Resorts Crippled by Security Breaches


MGM was much harder hit than its competitor Caesars. On Sept. 11, it admitted that a “cybersecurity issue” was impacting some of its systems. What supposedly happened was that a member of the hacking organization called an MGM IT help desk pretending to be a legitimate employee of the corporation and thereby obtained login credentials.

Not only was customer data stolen from MGM, but its operations were severely disrupted. Visitors to MGM properties in Las Vegas and elsewhere reported seeing slot machines inoperative, room keys not working properly, and casino websites down for the count. Even hotel front desk functions were impacted with guests having to endure lengthy waits in order to be manually checked into their rooms.

On Sept. 20, MGM announced that everything was more or less back to normal although it continued to be plagued by intermittent issues. Unlike Caesars, MGM evidently refused to pay any ransom to its attackers, which is perhaps why it suffered more. According to company sources, MGM's third quarter results would be affected by the hacking attacks to the tune of $100 million.

$40+ Million Stolen From Stake.com


On Sept. 4, malefactors were able to gain access to some of the crypto-currency hot wallets owned by Stake.com. This is a crypto-focused online casino and sportsbook that has been in business since 2017. It was founded by the same individual who started Primedice, one of the first BTC gambling sites on the internet.

More than $41 million in digital coins was hijacked through the Ether, Binance Smart Chain, and ERC-20 networks. The purloined cryptos were quickly withdrawn from Stake.com's wallets and then forwarded on to dozens of other wallets.

Stake.com soon announced that those networks were unavailable for deposits and withdrawals due to “temporary maintenance.” About three hours later, the company posted the following on X (formerly Twitter):

Stake.com saw some of its deposit and withdrawal functions suspended for a few hours

Several hours later, Stake.com reenabled deposits and withdrawals for the affected crypto coins.

Other Computer Security Incidents


While the three cyber security events we've described above were perhaps the most high-profile incidents, they are by no means the only times in recent months that gaming firms have been successfully attacked by criminal hackers. Other such incidents include:

  • Several casinos in Ontario, Canada owned by Gateway Casinos were shut down between April 17 and April 29 due to a ransomware attack
  • In mid-August, a data breach at Rivers Casino Des Plaines saw personal information of its employees, patrons, and online sportsbook customers compromised
  • On Oct. 17, slot supplier and video lottery terminal operator Everi Holdings was targeted by a cyberattack, which led Jake's 58 Casino in Long Island, New York to close for three days
  • From mid-April to mid-October, security lapses at Mexico-licensed Strendus Casino left customers' personal information, including government ID numbers, phone numbers, and addresses, vulnerable

Who's Responsible


Although hacking rings seldom leave reliable calling cards as to their true identities, we actually do have a good idea of who's behind some of the recent casino-related cybercrimes. Law enforcement has pieced together the clues to identify who was responsible for the attacks on MGM, Caesars, and Stake.com.

Scattered Spider

A group known as Scattered Spider has been tied to the MGM and Caesars hacks. Law enforcement has concluded that Scattered Spider is a loose association of individuals, mostly between the ages of 16 and 22, who reside in the United States and United Kingdom and are native English speakers. Scattered Spider, which also goes by the names Muddled Libra, UNC3944, Scatter Swine, and Starfraud, is especially skilled at social engineering – that is, convincing individuals who work for the targeted organization to divulge account credentials or otherwise voluntarily grant system access to the hackers.

This is just what happened in the MGM incident when a member of Scattered Spider called a corporate IT help desk pretending to be an employee of the company and convinced the worker to grant them access to private systems. In the Caesars attack, reading between the lines of the phrasing in Caesars' SEC filing, “a social engineering attack on an outsourced IT support vendor used by the Company,” we can surmise that something similar occurred.

Scattered Spider has been around since May 2022, and they have conducted sophisticated attacks against telecommunications firms and other large companies. Confusingly, the FBI claims to know the identities of many members of Scattered Spider although no arrests have yet been made. The FBI and Cybersecurity and Infrastructure Security Agency (CISA) did release a cybersecurity advisory about Scattered Spider to inform potential victims of what to look for and to offer advice on mitigating attacks from the group. However, many in the field of computer security believe that the actions of law enforcement have hitherto been inadequate.

Lazarus

In the case of Stake.com, cyber criminals belonging to the Lazarus Group are believed to be responsible. This body, managed by the North Korean government, first appeared on the scene in 2009. Since that time, it has increased in sophistication and has made a name for itself in currency heists. Lazarus stole $81 million from the Bangladesh Bank in 2016 and $7 million from crypto exchange Bithumb in 2017. Recently, the group appears to have increased the frequency of its attacks with the FBI estimating that Lazarus has stolen more than $200 million since the beginning of 2023.

Keeping Safe


Clearly, there are many bad actors on the internet who are willing and able to direct their efforts toward the illicit purloining of cash and individuals' personal information. Because these attacks were launched against the gaming companies themselves, there's little that end users can do to protect themselves.

One of the few tactics for insulating oneself against such nefarious activity is not transacting with affected companies. Of course, it's impossible to tell which firms will become victims of cyber-attacks in the future; yet, we cannot help but notice that most of them were fully licensed and regulated gambling providers. Thus, the oft-repeated mantra that domestically licensed gambling concerns are inherently safer than offshore gambling sites doesn't seem to be true at least with regard to cyber security.

In fact, doing business with state-regulated gaming licensees may be more unsafe than using offshore brands particularly when it comes to the leaking of sensitive customer data. The types of information compromised in some of the recent hacks – like social security numbers and banking information – are generally not collected by offshore gaming providers. Credit card numbers meanwhile are only gathered from those customers who use cards as a payment method, an increasingly small fraction of users given the prevalence of Bitcoin and other crypto solutions in the international online gambling market.

It's notable that the most crypto-focused of the hacked companies, Stake.com, was also the one that rebounded the quickest with its service interruptions lasting less than a day. Moreover, no customer data or account balances were at risk – the only thing stolen was some of Stake.com's own crypto funds.

Find a Safe Gaming Provider Today


Here at ProfessionalRakeback, we work with a number of trusted online poker rooms, sportsbooks, and casinos. They have not been afflicted by major hacking incidents in recent memory – apart from the occasional DDoS attack. You can play at these sites with confidence in their security and honesty.

We highly recommend Bovada as a reputable online gambling destination that allows you to play poker, bet on sports, and enjoy casino gaming all from a single account. When you make your first deposit, you'll get a 100% up to $500 poker bonus, up to $750 free to use in the sportsbook, and up to $3,750 in free casino funds.

If you wish to learn more about Bovada before signing up, read this comprehensive review of Bovada. For additional options, browse over to these pages devoted to the type of wagering you most appreciate: best online poker for US players, leading US-friendly online sportsbooks, top internet casinos for Americans.