Casino gaming giant hit by major cyberattack - employee information and more stolen, here's what we know

News
By published

Boyd Gaming reports attack to the SEC

(Image credit: Pexels)
  • Boyd Gaming suffered a cyberattack compromising employee and individual data
  • Business operations were unaffected, but stolen data details remain unclear
  • Company expects insurance to cover investigation, legal, and regulatory costs

Boyd Gaming Corporation, a US-based casino and hospitality company operating properties across multiple states, has confirmed suffering a cyberattack recently in which it lost sensitive employee data, as well as information on “other individuals”.

In a new 8-K form filed with the US Securities and Exchange Commission (SEC), the company said it experienced a cybersecurity “incident” in which unauthorized third parties accessed its IT system.

To address the attack, Boyd brought in third-party cybersecurity experts, and notified relevant authorities and government agencies.

Official IdentityForce® | Identity Theft Protection - save up to 68% annually

Official IdentityForce® | Identity Theft Protection - save up to 68% annually

Many people don’t know how to protect their ID. Don’t be one of them. Get your ID Action Plan here. Get a personalized step-by-step Action Plan & ID Safety Score based on YOUR dark web hits.

View Deal

No material impact

The subsequent investigation determined that the attack had no impact on its properties or business operations, but it did confirm that “certain data” from the network was stolen, including “information about employees and a limited number of other individuals,” the form states.

“The Company is notifying impacted individuals and has or will notify its various regulators and other governmental agencies as required.”

We don’t know the nature of the files that were stolen, or how many people are affected by the theft - but we have reached out to Boyd with further questions and will update the article if we hear back.

In the meantime, Boyd says it does not believe the incident will have a material effect on its financial condition or results of operations.

“The Company maintains a comprehensive cybersecurity insurance policy, which we expect will cover costs associated with incident response and forensic investigations, as well as business interruptions, legal actions and regulatory fines, if any, subject to policy limits and deductibles,” it concluded.

The hospitality and casino industry is among the most targeted areas around, with many high-profile cyberattacks in the sector, including a recent incident against Bragg, as well as the Scattered Spider cybercrime gang reportedly hitting several Las Vegas casinos back in 2023.

Via BleepingComputer

You might also like

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.