68°F
weather icon Cloudy
Las Vegas, NV
Casinos & Gaming

Former Boyd employee files lawsuit against company over data breach

Former Boyd employee files lawsuit against company over data breach
Casino operator Boyd Gaming Corp.'s headquarters at 6465 S. Rainbow Blvd., Las Vegas. (Eli Sega ...
Casino operator Boyd Gaming Corp.'s headquarters at 6465 S. Rainbow Blvd., Las Vegas. (Eli Segall/Las Vegas Review-Journal)
More Stories
Excalibur, an MGM Resorts International property, is the only casino on the Las Vegas Strip pro ...
Strip casino offering $5 blackjack with a live dealer
Tom Jingoli, president and chief operating officer of Konami Gaming, Inc., poses for a photo at ...
Gaming company with Las Vegas presence to unveil new slot machine
Michael Gulich, vice president of sustainability at MGM, stands for a portrait above the Founta ...
Meet the man behind MGM’s best-kept secret: sustainability
Bally’s unveils hotel, entertainment complex to be built around A’s Las Vegas ballpark
By / Las Vegas Review-Journal
September 26, 2025 - 1:03 pm
 
Updated September 29, 2025 - 1:54 pm

A former Boyd Gaming Corp. employee has filed a lawsuit against the company over a recent cyberattack disclosed in a Securities and Exchange Commission filing earlier this week.

Scott Levy, identified in the lawsuit as a former employee living in Las Vegas, hopes to turn his complaint into a class action.

The five-count lawsuit, filed in U.S. District Court in Nevada on Thursday, accuses Boyd of failing to prevent a data breach that could have released personally identifiable information, including names and Social Security numbers of current and former Boyd employees as well as Boyd customers.

Las Vegas-based Boyd Gaming said it does not comment on pending litigation. Earlier in the week, a company representative said the company would not respond further beyond the five-paragraph SEC 8-K filed Tuesday. Boyd has not said when the attack occurred or was discovered and whether the company paid a ransom to regain control of its computer system.

Levy made note of that in the lawsuit.

“Defendant employed ‘leading external cybersecurity experts’ and determined that ‘the unauthorized third party removed certain data from (defendant’s) IT systems, including information about employees and a limited number of other individuals,’” the lawsuit says.

“Thus, defendant admitted that personally identifiable information was actually stolen during the data breach, confessing that the information was not just accessed, but was ‘removed’ from Boyd’s system. In other words, the data breach investigation revealed Boyd’s cyber and data security systems were completely inadequate and allowed cybercriminals to access files containing a treasure trove of its employees’ and customers’ highly private information.”

Levy, represented by the Stranch, Jennings & Garvey law offices in Las Vegas and Nashville, Tennessee, is seeking a jury trial.

The lawsuit accuses Boyd of negligence, breach of implied contract, unjust enrichment, violation of the Nevada Consumer Fraud Act and Levy is seeking to create a class action through a declarative judgment.

Boyd, which operates 11 local properties, including three in downtown Las Vegas, is the third major Nevada casino company to come under attack by cybercriminals in two years. Reno-based Caesars Entertainment paid a $15 million ransom after it was attacked in August 2023 and MGM Resorts International’s operations were crippled for nine days a month later.

MGM’s chief technology officer, who appeared before the Nevada Gaming Commission to be licensed Thursday, said his company reached out to Boyd to lend assistance after the attack.

Contact Richard N. Velotta at rvelotta@reviewjournal.com or 702-477-3893. Follow @RickVelotta on X.

MOST READ
LISTEN TO THE TOP FIVE HERE
Don't miss the big stories. Like us on Facebook.
THE LATEST
MORE STORIES