Employee data stolen in latest Casino Cyber-attack

Casino giant Boyd Gaming has disclosed a data breach following a recent cyberattack on its internal IT systems.

 

According to an SEC filing, an unauthorized third party accessed and stole data, including information on employees and a "limited number of other individuals."

 

 While the company maintains that the incident has not impacted its business operations, the breach highlights the ongoing vulnerability of the hospitality and gaming industries.

 

This is the latest in a wave of attacks on the sector. In late 2023, major casino operators MGM Resorts and Caesars Entertainment were hit with highly disruptive ransomware attacks.

 

These incidents, as well as the recent breach at Boyd Gaming, underscore a few key vulnerabilities.

 

Gaming companies are prime targets due to the vast amounts of personal and financial data they hold.

 

As seen in previous attacks on MGM, a breach can quickly halt operations, leading to multi-million dollar losses.

Furthermore, social engineering, such as phishing, remains a common entry point for hackers, with the 2023 MGM breach reportedly a result of a brief conversation with an IT help desk.

Boyd Gaming has confirmed it has a cybersecurity insurance policy, which is expected to cover the costs of the incident.

However, the breach serves as a reminder that robust cyber resilience is critical for protecting a company’s reputation and securing both customer and employee data.