Caesars’ Rewards Database Targeted by Hackers, Says Company

Caesars Entertainment (NASDAQ: CZR) confirmed today that it was recently the victim of a cyber attack and that the bad actors targeted the Caesars Rewards database, among other data troves, held by the gaming company.

Caesars Debt
Caesars Palace on the Las Vegas Strip. The operator confirmed it was the target of a cyber attack and that hackers stole data from the Caesars Rewards database. (Image: Getty Images)

The casino operator revealed in a Form 8-K filing with the Securities and Exchange Commission (SEC), corroborating recent speculation that it dealt with a negative cyber event days before rival MGM Resorts International (NYSE: MGM) faced similar issues. Rumors surfaced that Caesars paid the hacking group “Scattered Spider,” or UNC 3944, $30 million. In the filing, the operator didn’t confirm that amount, nor did it mention the group by name, but implied it may have incurred expenses related to the hack.

We have incurred, and may continue to incur, certain expenses related to this attack, including expenses to respond to, remediate and investigate this matter,” according to the 8-K. “The full scope of the costs and related impacts of this incident, including the extent to which these costs will be offset by our cybersecurity insurance or potential indemnification claims against third parties, has not been determined.”

The SEC recently instituted guidelines requiring public companies to make disclosures to investors regarding “material” events, such as fires at factories, storms hampering operations and cyber attacks.

Caesars Rewards Database Jackpot for Hackers

Caesars Rewards has over 65 million members, making it the gaming industry’s largest loyalty program, making it a compelling target for cyber criminals.

In the regulatory filing, the gaming company confirmed the perpetrators acquired sensitive data, including driver’s license and Social Security numbers, “for a significant number of members in the database.” Caesars added that, as of yet, there is no evidence that the hackers acquired member PINs, bank account data or payment card numbers.

“We have taken steps to ensure that the stolen data is deleted by the unauthorized actor, although we cannot guarantee this result,” added the Harrah’s operator in the SEC filing. “We are monitoring the web and have not seen any evidence that the data has been further shared, published, or otherwise misused.”

As a result of the cyber infiltration, Caesars is offering free credit monitoring services to customers. That can be obtained by calling (888) 652-1580.

Caesars Ransomware May Not Be ‘Material’

“Material” is a subjective term. Assuming that Caesars paid $30 million to “Scattered Spider” — the gaming company did not confirm that –that’s a small amount for a company with a market capitalization of $11.27 billion.

Ransomware acts must be disclosed, and while the full scope of what Caesars dealt with isn’t immediately clear, the operator isn’t characterizing the event as catastrophic.

“Although we are unable to predict the full impact of this incident on guest behavior in the future, including whether a change in our guests’ behavior could negatively impact our financial condition and results of operations on an ongoing basis, we currently do not expect that it will have a material effect on the Company’s financial condition and results of operations,” it concluded in the regulatory document.

Todd Shriber
Todd Shriber Financial Reporter

Todd Shriber is a senior news reporter covering gaming financials, casino business, stocks, and mergers and acquisitions for Casino.org.

Todd got his start in financial markets as a reporter with Bloomberg News. Later, he became a trader at a Southern California-based long/short hedge fund, where he specialized in the trading sector and international ETFs leading up to and during the financial crisis. He joined Casino.org in 2019.

Currently, Todd analyzes, researches, and writes on ETFs for various web-based publications and financial services firms. Shriber has been featured and quoted in Barron's, CNBC.com, and The Wall Street Journal. His work can also be found on Benzinga, ETF Daily News, ETF Trends, MarketWatch, Fox Business, and Nasdaq.com.

He currently resides in Las Vegas, where he enjoys golf and taking his black lab to the dog park. He's also an avid sports fan and likes to wager on college football and the NBA. You can also find him at the three-card poker and roulette table, even though he knows better.

Contact Todd at todd.shriber@casino.org.

Comments icon

Conversation (0)

+ Add a comment

Be the first to comment on this article.

Write a comment

Your email address will not be published.