A cyberattack on Rivers Casino Des Plaines, Illinois, has compromised the personal data of an undisclosed number of patrons and employees. The casino announced that the attack occurred around August 12 but was only discovered in early November. The compromised information includes names, contact information, driver’s license and government ID numbers, as well as financial account, tax identification, Social Security, and passport numbers for a limited number of customers.
However, the casino assured that customer passwords and credit card information have not been affected, stating that it doesn’t believe they were compromised in the attack. They also emphasized the importance of passwords to hackers and the potential threats of selling them on the dark web for fraudulent activities.
Rivers declined to disclose the exact number of customers affected by the breach. According to Illinois Gaming Board records, there were 273,000 visits to the casino and nearly 300,000 bets placed at its sportsbook in the month leading up to the attack.
The casino mentioned that it has robust security protocols in place and promptly took steps to contain the threat and secure its systems upon learning of the incident. It also hired a specialist cybersecurity firm to investigate the breach.
This attack is part of a series of high-profile cybercrimes targeting the casino industry, with MGM Resorts and Caesars Entertainment also falling victim to hackers in September. Caesars paid around $15 million to regain access to its systems, while MGM experienced an estimated $100 million worth of damage before suppressing the threat.
These attacks have been attributed to a hacking group known as “Scattered Spider,” “Octo Tempest,” or “the Com,” with the FBI currently investigating the collective. Despite the collective being “known” to the agency, there have been no arrests made so far.
The casino’s statement about the cyberattack serves as a reminder of the increasing threat of cybercrimes and the importance of robust cybersecurity measures in the modern digital age.