Ransomware attack on Riverside Resort & Casino impacted over 50,000 customers

Laughlin, Nevada-based Riverside Resort & Casino said that the data security incident it suffered earlier this year compromised the sensitive personal information of more than 50,000 individuals.

 

In a filing with the Office of Maine Attorney General, the luxury resort said that on July 25, it identified suspicious activities in its internal network. The casino immediately launched an investigation, with assistance from external cyber security experts, to determine the nature and scope of the incident.

 

“Through this investigation, Riverside determined that an unauthorised third party potentially accessed and acquired certain files during this incident. Riverside then performed an extensive and comprehensive review of the data to identify what personal information may have been impacted in this incident,” reads the notice.

 

The compromised data included names and other personal identifiers along with Social Security Numbers. Riverside’s filing with the Maine state regulator revealed that at least 55,155 individuals were impacted by the data security incident.

 

“Upon detecting this incident, we moved quickly to initiate an investigation. We promptly disabled all relevant accounts and worked with our third-party specialists to confirm the security of our environment,” Riverside added.

 

While the casino found no evidence of the compromised information being misused, it advised all affected individuals to regularly monitor their credit reports, account and benefit statements and report any suspicious activity to law enforcement authorities, including the police and state attorney general.

 

It has also offered one year of complimentary identity protection and credit monitoring services through Cyberscout to all affected individuals.

 

A group of threat actors calling themselves the LYNX ransomware group claimed responsibility for the cyber attack on Riverside and listed it as a victim on their data leak site. 

 

The group claimed to be in possession of confidential corporate data and shared sample screenshots on their dark web. It is unclear whether the resort engaged with the group to negotiate a ransom or used backups to restore the stolen information.