Friday, September 15, 2023

Caesars Entertainment Paid Millions to Hackers in Attack

William Turton
Thu, September 14, 2023 

(Bloomberg) -- Caesars Entertainment Inc. paid tens of millions of dollars to hackers who broke into the company’s systems in recent weeks and threatened to release the company’s data, according to two people familiar with the matter.

The disclosure of the alleged Caesars breach comes as another Las Vegas entertainment giant, MGM Resorts International, announced that it was hacked earlier this week.

Caesars didn’t respond to requests for comment. On Thursday, after Bloomberg News reported that Caesars had been hit by a cyberattack, the company disclosed the hack in a regulatory filing. The company’s shares were relatively unchanged Thursday at 9:49 a.m. in New York after dropping 2.7% Wednesday to $52.35.

The group behind the attack is known as Scattered Spider or UNC 3944, according to the people. Its members are skilled at social engineering in order to gain access to large corporate networks, according to cybersecurity experts. In the case of Caesars, the hackers first breached an outside IT vendor before gaining access to the company’s network, according to the people.

The hackers began targeting Caesars as early as Aug. 27, according to one of the people.

Members of the hacking group are believed to be young adults, some as young as 19 years old, residing in the US and the UK, according to a person who has investigated multiple hacks by the group.

The attackers stole data including driver’s license and social security numbers from Caesars loyalty members, the company said in the filing Thursday.

Hacking gangs typically ask to be paid in cryptocurrency if they demand a ransom. Some attacks deploy ransomware that locks up computer files, and the hackers then provide a decryption key if the victim pays. More recently, however, hacking gangs have stolen data from companies and then demanded payment, threatening to publish the information unless they are paid.

“We have taken steps to ensure that the stolen data is deleted by the unauthorized actor, although we cannot guarantee this result,“ Caesars said in the filing.



No comments: