Connect with us

Hi, what are you looking for?


Data Breaches

Caesars Confirms Ransomware Hack, Stolen Loyalty Program Database

The hijacked data includes driver’s license numbers and/or social security numbers from a Caesars Entertainment loyalty database.

Ceasars Ransomware Attack

Caesars Entertainment, Inc., a well-known global hospitality brand, has been hacked by a cybercrime gang that stole a vast chunk of data, including the company’s loyalty program database.

In a filing with the SEC, Caesars said the hijacked data includes driver’s license numbers and/or social security numbers for a significant number of members in the database and provided a hint that a ransomware demand was paid to minimize the damage.

“We have taken steps to ensure that the stolen data is deleted by the unauthorized actor, although we cannot guarantee this result,” Caesars said in the 8-K filing.  We are monitoring the web and have not seen any evidence that the data has been further shared, published, or otherwise misused.” 

Caesars said it currently has no evidence that member passwords/PINs, bank account information, or payment card information (PCI) were part of the data copied by the cybercriminal group.

The company said it identified “suspicious activity” on its network that resulted from a social engineering attack on an unnamed third-party support vendor. 

“We quickly activated our incident response protocols and implemented a series of containment and remediation measures to reinforce the security of our information technology network. We also launched an investigation, engaged leading cybersecurity firms to assist, and notified law enforcement and state gaming regulators,” Caesars said. 

Caesars said its core customer-facing operations – both online platforms and physical locations – remained untouched and operations continued without disruption.

Advertisement. Scroll to continue reading.

The company said it has also  taken steps to ensure that the specific outsourced IT support vendor involved implements corrective measures to protect against future attacks that could pose a threat to its systems.

The Caesars breach confirmation follows news that MGM Resorts is also struggling with the fallout from a “cybersecurity issue” that took its IT systems and web sites offline. A ransomware gang has taken credit for the MGM Resorts hack, which impacted MGM’s website, casinos, and systems used for email, restaurant reservations, and hotel bookings, and even digital hotel room keys. 

Related: The Chaos (and Cost) of Lapsus$ Hacking Spree

Related: Ransomware Gang Takes Credit for MGM Resorts Cyberattack

Related: MGM Resorts Confirms ‘Cybersecurity Issue’ 

Related: Blackbaud Fined for Misleading Ransowmare Disclosure

Written By

Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. He is a security community engagement expert who has built programs at major global brands, including Intel Corp., Bishop Fox and GReAT. Ryan is a founding-director of the Security Tinkerers non-profit, an advisor to early-stage entrepreneurs, and a regular speaker at security conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...


A SaaS ransomware attack against a company’s Sharepoint Online was done without using a compromised endpoint.

Incident Response

Microsoft has rolled out a preview version of Security Copilot, a ChatGPT-powered tool to help organizations automate cybersecurity tasks.