Nevada Gaming Control Board Reminds Licensees About Cyberattacks and ‘Vishing’
Posted on: March 9, 2026, 09:42h.
Last updated on: March 9, 2026, 09:42h.
- Nevada is seeing an increase in attempted cyberattacks and phishing
- State government agencies are reminding businesses and casinos to remain vigilant
The Nevada Gaming Control Board (NGCB) is reminding its licensees to stay vigilant in their daily operations in the wake of increased cybersecurity incidents.
On Friday, the state gaming regulator forwarded a Cybersecurity Notice from the State of Nevada Governor’s Technology Office warning all businesses that the state has seen an increase in the number of cybersecurity incidents.
The Technology Office said attacks often arise through phishing, which is the fraudulent practice of sending emails or texts purported to be from a credentialed employee or other individual who needs to have their login restored. The Technology Office added that voice phishing, or fraudulent phone calls seeking similar private information, has also been reported. Voice phishing is referred to as vishing.
The notice encouraged all employees who handle sensitive information to be vigilant when dealing with requests involving account access, password resets, wire transfers, changes to payment instructions, record keeping, or any other action that relies on identity verification.
Hurried Requests Often Fraudulent
The Nevada Governor’s Technology Office is a statewide government agency that seeks to foster secure, innovative technology services and solutions for Nevadans. The agency was established last year through the rebranding and reorganizing of state IT departments.
The Technology Office says human resource departments and casino personnel who handle confidential information should not take shortcuts in authenticating an access request.
Attackers often rely on urgency, impersonation, and human trust to bypass normal controls,” the Technology Office said. “Be wary of callers who pressure you to act immediately, keep a request secret, or override normal approval steps.”
The warning comes just weeks after Wynn Resorts was attacked through a phishing scheme.
The hackers claimed to have stolen more than 800,000 records involving Wynn employees’ names, emails, birth dates, phone numbers, positions, and salaries. The group, ShinyHunters, demanded a $1.5 million ransom to prevent the data from being leaked.
While Wynn did not disclose publicly whether it paid the ransom, ShinyHunters later said the confidential data had been deleted. Wynn has extended free credit monitoring to the impacted personnel.
In 2023, Caesars Entertainment and MGM Resorts were both hacked. The hackers gained access to the companies’ Las Vegas Strip casino resorts through “social engineering,” the practice of impersonating an employee to gain system access.
MGM’s operations were disrupted for over 10 days, which led to approximately $100 million in revenue losses. Caesars reportedly paid a $15 million ransom to avoid major disruptions.
Reviews Encouraged
Along with reminding employees to remain wary of access requests, the Technology Office is prompting employers to review their internal procedures for account and network system verification.
The Technology Office says using a two-step or multi-factor authentication process limits the threat of phishing.
No comments yet