Wynn Resorts Employee Data Reportedly Hacked, Ransom Demand Made
Multiple news outlets have reported Wynn Resorts is the latest victim of a data breach.
A group calling itself ShinyHunters has apparently stolen more than 800,000 records containing the personal information of employees. The hackers have demanded 22.34 Bitcoin (about $1.5 million) in ransom, along with a Feb. 23, 2026 deadline to hear from Wynn Resorts or the data will be leaked.
Wynn Resorts hasn’t made any public statements about the hack, because of course they haven’t. This is tricky business. We have, however, seen this scenario enough times to know what’s next.
How does a hack like this happen? Humans.
A Wynn Resorts employee (or a vendor) clicked on a link. Alternatively, somebody gave up a password. Hackers are experts at social engineering, and they know humans will always be the weak link when it comes to cyber security.
It’s being reported the hackers “gained initial access to Wynn’s systems in September 2025 via an Oracle PeopleSoft vulnerability using an employee’s credentials.”
Oracle Corporation PeopleSoft is an enterprise software platform used by large organizations to manage core business operations, including mainly human resources, finance and supply chain.
The “employee’s credentials” part is key. Somebody was snookered.
Casino databases exist in silos. The silo involved here was a human resources database, which is why 800,000 records were stolen rather than millions.
Employee records have lots of sensitive information, of course.
According to The Register, which saw samples of the stolen data, the breach includes full names, e-mail addresses, phone numbers, positions, salaries, start dates, birthdays and other personal information.
Painful.
Familiar with that pain are the biggest gaming companies in the world: MGM Resorts and Caesars Entertainment. They were hacked in 2023.
The way they reacted to ransom demands could not have been more different, ditto their results.
Caesars Entertainment paid a $15 million ransom. It’s worth noting the original demand was for $30 million, but they negotiated. Hackers destroyed the stolen data and it was business as usual shortly thereafter.
Caesars Entertainment stockholders after hearing insurance covers the $15 million ransom, so the hack pretty much cost the company nothing with virtually no disruption to business. pic.twitter.com/dxdPi6cM4y
— Vital Vegas (@VitalVegas) September 14, 2023
MGM Resorts chose another path.
They refused to pay the ransom. MGM Resorts systems were disrupted for weeks and that course of action ultimately cost the company $100 million. And that doesn’t count the intangible costs.
Such hacks are a huge embarrassment. MGM Resorts even went back and scrubbed all its social media posts around the 2023 data breach. This deleted Tweet said everything was awesome. It wasn’t.
Wynn Resorts faces a difficult decision. If you refuse to pay the ransom, the personal information of hundreds of thousands of current and past employees. You open yourself up to lawsuits. It’s terrible P.R. It’s a mess.
If you pay the ransom, you are capitulating to criminals. Or, as they used to say, “negotiating with terrorists.”
If you take the “high road,” you get to say you took the high road. If you pay, you lose virtually nothing (insurance will cover the $1.5 million) and your employees don’t sue (some probably will, anyway) and you learn more about the vulnerabilities of your security systems.
The dilemma is always that if you cave to the demands of hackers, you might be encouraging others to do the same thing in the future.
Cyber security experts and law enforcement say you shouldn’t pay a ransom to hackers. They say this with a wink, though, because while they can’t officially advise a company pay, they know the risk/reward formula by heart.
It turns out, cyber security experts and law enforcement aren’t all that helpful during a hacking crisis.
Hackers, however, end up keeping their word. Once they get a ransom, they take the steps necessary to prove to their victims that data has been deleted so it can’t be recovered.
If they don’t keep to their agreement, the entire scam collapses because nobody would ever pay a ransom again, and that’s not a good business model for digital hoods.
As a public company, Wynn Resorts is obligated to make an SEC disclosure about the data breach, a Form 8-K if you’re nerdy.
Our prediction is Wynn Resorts will quietly pay the ransom and employee data will be destroyed. They’ll share the absolute minimum about what happened and how, and fire their head of cybersecurity, because somebody has to take the fall. That’s David Tyburski, VP of Information Security and Chief Information Security Officer.
It’s not that guy’s fault, of course, but you have to do something. The over/under is six months after the drama is resolved. Awkward. If we were him, we would trumpet the fact no customer data was accessed or stolen. The company as a whole will say the same thing, if they decide to talk about it, which they probably won’t.
No matter how good corporate cybersecurity is, somebody’s going to be better at getting in.
You pay and you learn, or you fight the good fight and risk trust and many millions of dollars.
Wynn Resorts loses a million bucks every month on its production show, “Awakening.” Just pay the ransom and be done with it, already.
Leave your thoughts on “Wynn Resorts Employee Data Reportedly Hacked, Ransom Demand Made”