United States
United Kingdom
Summary:
- Caesars says 41,397 players in Maine were potentially affected.
- The total number of players affected across the US remains a mystery.
- The casino brand was attacked on August 18, and the data breach began on August 23.
The cyberattack against Caesars Entertainment is one of the biggest stories in the history of the gaming industry despite last year Nevada Casinos were warned to perform risk assessments. Tens of thousands of people were affected, and more details are emerging as the weeks go by.
This week, Caesars provided the Maine Attorney General’s office with information on the matter, detailing that the data breach may affect 41,397 individuals in the state.
Maine State Law Requires Notification
In Maine, state laws require that a gaming business provide information on such attacks due to the data breach. The filing lists how many players were affected in Maine but not the total number of players across the United States. The brand has casinos in several states across the nation.
Unfortunately, An outsourced IT vendor was a point of entry for attackers, leading to unauthorized access to the casino’s network. This took place on August 18. By the 23rd, the attackers had begun to exfiltrate data. Caesars confirmed the attack on September 7.
In the notification by Caesars, it stated that the attackers could gather the names of patrons and other identifiers. This included driver’s license numbers.
Acting Quickly to Thwart the Threat
After the suspicious activity was detected, the casino operator activated the incident response protocols. Containment and remediation measures began to try and stop the attack and minimize the outcome. An ongoing investigation was started, with cybersecurity firms brought in to assist in the matter. Law enforcement and state gaming regulators were notified of the incident.
Caesars is asking its customers to monitor their accounts for any signs of activity. There is no reason that Caesars believes that players are at risk of identity theft or any fraud, but practicing diligence will ensure that no problems occur. Customers should review account statements and credit reports for any suspicious charges.
Customers are also warned not to take any calls, emails, or texts that may seem fraudulent. Links should not be opened as well from any untrusted sources.
It is believed that the same attackers were the masterminds behind the MGM Resorts International attack, too, which happened soon after Caesars was hit. MGM suffered over a week of disruptions as computer systems were inoperable.
In the beginning, sites like BetMGM were not affected, but eventually, it was found that the personal information of the brand had been breached. My own BetMGM Casino account was breached, and I had to change my password as someone kept trying to log in to my account, and I was receiving code alerts to log in.
Two-factor authentication is always a good idea with online gaming or other online services as it prevents any breach by criminals or hackers.
