Caesars Entertainment paid millions in recent cyberattack, sources say
Caesars Entertainment Inc. paid tens of millions of dollars to hackers who broke into the company’s systems in recent weeks and threatened to release the company’s data, according to two people familiar with the matter.
The hotel-casino operator is expected to disclose the cyberattack in a regulatory filing imminently, the people said.
The disclosure of the alleged Caesars breach comes as another Las Vegas entertainment giant, MGM Resorts International, deals with its own cybersecurity issue, which may be linked to a Russian ransomware hacker gang.
Caesars didn’t respond to requests for comment. The company’s shares dropped 2.7% Wednesday to $52.35.
The group behind the Caesars attack is known as Scattered Spider or UNC 3944, according to the people. Its members are skilled at using social engineering to gain access to large corporate networks, according to cybersecurity experts.
In the case of Caesars, the hackers first breached an outside IT vendor before gaining access to the company’s network, according to the people familiar with the matter.
The hackers began targeting Caesars as early as Aug. 27, according to one of the people.
Members of the hacking group are believed to be young adults, some as young as 19, residing in the United States and the United Kingdom, according to a person who has investigated multiple hacks by the group.
Hacking gangs typically ask to be paid in cryptocurrency if they demand a ransom. Some attacks deploy ransomware that locks up computer files, and the hackers then provide a decryption key if the victim pays. More recently, however, hacking gangs have stolen data from companies and then demanded payment, threatening to publish the information unless they are paid.
