If you are a gambler, what are the odds at two casinos get hacked successively? Following an attack on MGM casinosCaesars Entertainment just said in an SEC filing that it was also the subject of a hack that occurred last month.
Like Bloomberg reports, citing sources familiar with the matter, the attack at the end of August caused Caesars Entertainment to pay tens of millions of dollars to the hackers. The incident was described in an SEC deposit published today, in which the company states that the violation occurred following a “social engineering attack against an outsourced IT support provider.” Sources said The Wall Street Journal reported that this social engineering attack involved a hacker posing as an employee to trick the IT contractor into changing a password. The hackers allegedly stole the company’s loyalty program database, which contains a list of driver’s license numbers and Social Security numbers for a “significant number of members” in the database.
“We have taken steps to ensure that the stolen data is deleted by the unauthorized actor, although we cannot guarantee this outcome,” the company wrote in the SEC filing. “We are monitoring the web and have not seen any evidence that the data has been shared, published or misused. However, out of an abundance of caution, we offer credit monitoring and identity theft protection services to all members of our loyalty program.
Caesars Entertainment did not immediately respond to Gizmodo’s request for comment. But the wording of the statement seems to indicate that the casino may have paid a ransom.
The attackers are believed to be a group of hackers known as Scattered Spider, or UNC 3944. Cybersecurity company Trellix said in a blog post, Scattered Spider has been active since May 2022 and its prime prey are telecommunications companies, critical infrastructure groups and business process outsourcing organizations, such as the IT company involved in Caesars. Trellix also says that social engineering hacks are Scattered Spider’s bread and butter.
The SEC filing chronicling the attack comes after Caesars competitor MGM was also hit by a crippling attack.as revealed last Monday. The MGM hack would have been the result of a 10 minutes social engineering phone call, in which hackers identified an IT worker on LinkedIn and called the help desk. An employee was allegedly tricked into giving hackers access to MGM systems. Reuters said that Scattered Spider was behind this hit, some reports indicate that a subgroup of scattered spiders known as ALPHV, or Blackcat, was the culprit. The Trellix blog post states that Blackcat has previously used Scattered Spider software called POORTRY, indicating a working relationship or overlap between the two.