Wynn Resorts data breach impacts over 21,000 employees following HR system attack

Wynn Resorts, a luxury hospitality and gaming company, has disclosed that a data breach affecting its internal systems compromised the personal information of 21,775 employees, following a cyberattack that occurred in October 2025.

The company confirmed that attackers gained access to its human resources systems, exposing sensitive employee data. The breach was publicly acknowledged in late February after the ShinyHunters cybercrime group claimed responsibility for stealing more than 800,000 records containing personally identifiable information, including Social Security numbers.

In a recent filing with the Maine Attorney General’s Office, Wynn Resorts stated that the threat actor has indicated all stolen data has been deleted. The statement aligns with indications that a ransom demand may have been resolved. The attackers had reportedly sought more than 22 bitcoin, valued at approximately $1.5 million.

The breach appears to be part of a broader campaign linked to ShinyHunters that targeted more than 100 organizations. While the group has publicly taken credit, cybersecurity researchers attribute the operation to Scattered Lapsus$ Hunters, a collective formed in 2025 by members associated with ShinyHunters, Lapsus$, and Scattered Spider.

Wynn Resorts has begun notifying affected individuals and is offering complimentary credit monitoring and identity theft protection services. The company has not provided additional details on the nature of the compromised data beyond confirming the exposure of employee information.