The Dark Roulette: A Timeline of Cyberattacks on Casinos (2023)

Estimated read time 8 min read

Introduction: Are Casinos Really Secure?

When you think of casinos, you probably envision high-stakes games, luxurious settings, and tight security. But have you ever wondered how secure these establishments are in the digital realm? The answer might surprise you. Over the years, casinos have increasingly become targets for cybercriminals.

Lets delve into this comprehensive timeline of significant cyberattacks on casinos.

History of Cyberattacks
History of Cyberattacks

2014: Las Vegas Sands – The $40 Million Catastrophe

The Prelude

In February 2014, Las Vegas Sands, owned by billionaire Sheldon Adelson, fell victim to a cyber onslaught that shook the casino industry. At the time, Las Vegas Sands was one of the largest and most lucrative casino operations globally. Thus, it presented an attractive target for cybercriminals.

The Motive

The attack was politically motivated1. Sheldon Adelson, the CEO, had openly made comments against Iran, specifically advocating for a nuclear strike. This comment didn’t sit well with Iranian hackers, who then decided to retaliate.

The Method

The attackers initiated a Distributed Denial of Service (DDoS) attack, essentially flooding the company’s network with overwhelming traffic, making it impossible to function normally. But they didn’t stop there. They also inserted malware that wiped servers and leaked sensitive employee information.

The Aftermath

The cyberattack caused approximately $40 million in damages, including both technical repairs and data loss. This event was a wake-up call for the casino industry, which started to reconsider its cybersecurity protocols. Moreover, it showed that casinos could be targets of politically motivated cyberattacks, not just financially motivated ones.

The Las Vegas Sands incident was a bellwether for the industry, highlighting the extent to which a lack of robust cybersecurity could cost a company.

Cyberattack Roulette Table
Cyberattack Roulette Table

2016: Affinity Gaming – Credit Card Breach

The Background

Affinity Gaming, a casino operator primarily active in Nevada, was not as large as Las Vegas Sands but was reputable nonetheless. In 2016, it became the target of a cyberattack that significantly impacted its business2.

The Entry Point

The attackers focused on the Point of Sale (POS) systems, which are designed to handle customer transactions. These systems are often considered secure but are not impervious to breaches.

The Malware

The criminals used a POS malware, essentially a software designed to infiltrate transaction systems and skim credit card information. The malware was sophisticated, capable of evading detection for a considerable period.

The Impact

While the exact number of compromised credit cards was never disclosed, the damage was extensive enough to hurt Affinity Gaming’s reputation. Customers became wary of using their cards at the establishment, and the company faced increased scrutiny from regulatory bodies.

The Aftermath

Affinity Gaming had to overhaul its entire POS system, implement new security measures, and work on rebuilding customer trust. The costs were not just immediate but also long-term, affecting the company’s stock prices and customer loyalty.

Cybercrime Roulette Table
Cybercrime Roulette Table

2017: River Casino – Held for Ransom

The Set-Up

River Casino, not as globally recognized as the previous examples, still had a substantial digital footprint. In 2017, it fell victim to a different kind of cybercrime: ransomware.

The Ransom Note

The attackers encrypted the casino’s essential files3 and demanded a ransom of $1 million in Bitcoin for the decryption key.

The Dilemma

River Casino faced a difficult choice: pay the ransom and potentially encourage future attacks or refuse to pay and risk losing vital data.

The Resolution

In a desperate attempt to restore operations, the casino opted to pay the ransom. The attackers decrypted the files, but the incident left a lasting scar on the casino’s reputation and finances.

Cybercrime Roulette Table
Cybercrime Roulette Table

2018: Casino Rama – Data Leakage Nightmare

The Context

Casino Rama, based in Ontario, had been enjoying a period of steady business until it was hit by a devastating cyberattack in 20184.

The Breach

The attackers exploited a vulnerability in the casino’s security system, gaining access to the personal information of patrons and employees, including Social Security numbers and bank details.

The Fallout

The breach led to multiple lawsuits from affected individuals and a significant loss of trust among patrons. There was also a regulatory backlash, with authorities questioning the adequacy of Casino Rama’s cybersecurity measures.

Hackers in a casino
Hackers in a casino

2020: MGM Resorts – The Big Bet That Failed

The Stage

MGM Resorts is a household name in the casino industry, making the scale of its 2020 data breach all the more shocking.

What Happened?

The breach exposed the personal data of 10.6 million guests5, including celebrities, CEOs, and tech moguls. The data was eventually found for sale on a dark web marketplace.

The Response

MGM Resorts took immediate steps to notify affected guests and bolster its cybersecurity measures. However, the damage was done, and the company faced several lawsuits as a result.

Hackers in a casino
Hackers in a casino

2021: Federal Group Casinos in Tasmania – The Underestimated Vulnerability

The Backdrop

In 2021, a cyberattack affected two Federal Group casinos in Tasmania, bringing attention to the vulnerabilities of even smaller-scale casino operations. The attack began on April 3, 20216, and the consequences were immediate and severe, affecting both pokies machines and hotel booking systems.

The Scope

The attack was a ransomware assault, a type of malware that encrypts files and demands payment for their release. What made this attack alarming was the impact it had on the casinos’ primary sources of revenue—pokies machines. These machines were down for a total of ten days, a considerable period given the popularity of such games.

Financial Toll

ABC News reported that over the last eight months leading up to the attack, the average monthly expenditure on pokies in the Federal Group’s casinos was a staggering AU$6.7 million, totaling AU$53.7 million over the period. The ten-day shutdown thus likely inflicted substantial financial damage.

Hackers in a casino
Hackers in a casino

2022: Crystal Bay Casino – A Wake-up Call on Data Security

The Incident

In November 2022, Crystal Bay Casino reported unusual activities within its network systems. Initial investigations indicated that certain files might have been illicitly copied around November 27, 2022. Further reviews, concluded on January 25, 2023, revealed that some database information might also have been compromised7.

007 in a Casino that is being hacked
007 in a Casino that is being hacked

2023: MGM Resorts and Caesars Entertainment – The Wide Reach of ALPHV and Scattered Spider

The Incident Unfolds

In a series of coordinated attacks, hacking groups ALPHV and Scattered Spider breached not only casino giants MGM Resorts and Caesars Entertainment but also targeted companies in manufacturing, retail, and technology sectors. The news broke in September 2023, putting the spotlight back on the rampant ransomware attacks affecting various industries.

Inside the Attack

David Bradbury, the Chief Security Officer at Okta, a company that provides identity management services, confirmed8 that five of their clients, including MGM and Caesars, had been compromised. Okta, which has over 17,000 customers globally, noticed multiple breaches among its client base and promptly issued an alert. The hackers used sophisticated tactics like impersonating employees of the victim companies to gain duplicate access through IT helpdesks.

Financial Impact

The attacks had immediate repercussions on MGM9 and Caesars, causing a drop in their stock prices. MGM, in particular, faced disruptions in its operations spanning from Las Vegas to Macau.

Both companies remained tight-lipped, with MGM acknowledging a “cybersecurity issue” and Caesars confirming an ongoing investigation.

The Culprits

The financially motivated hacking group ALPHV took credit for the MGM breach and even warned of further attacks if a deal wasn’t struck. The exact ransom demand remains undisclosed. Scattered Spider, recognized by Google’s Mandiant Intelligence as one of the most disruptive hacking outfits in the United States, appears to have collaborated with ALPHV in these attacks. The incident itself is expected to cost MGM around 100 million USD.

007 in a Casino that is being hacked
007 in a Casino that is being hacked

Top Casino Cybersecurity Issues

IoT Vulnerabilities

The Internet of Things (IoT) has made its way into casinos in the form of connected thermostats, smart fridges, and even fish tanks. However, robust security for these devices is often lacking, creating unnoticed security loopholes.

Ransomware Risks

Ransomware attacks are a growing concern, especially given the volume and variety of data that casinos handle. A successful attack could result in a shutdown lasting days or weeks, forcing casinos to choose between paying a ransom or facing market repercussions.

Data Exfiltration

Hackers are not just interested in immediate gains. They also stealthily collect and sell data, setting the stage for future identity thefts and credit card frauds.

Compliance Challenges

A breach can trigger a cascade of compliance issues. From Payment Card Industry Data Security Standard (PCI DSS) audits to violations of privacy laws like the California Consumer Protection Act (CCPA), the repercussions can be both legally and financially draining.

  1. ↩︎
  2. ↩︎
  3. ↩︎
  4. ↩︎
  5. ↩︎
  6. ↩︎
  7. ↩︎
  8. ↩︎
  9. ↩︎
Reza Rafati

Reza Rafati, based in the Netherlands, is the founder of An industry professional providing insightful commentary on infosec, cybercrime, cyberwar, and threat intelligence, Reza dedicates his work to bolster digital defenses and promote cyber awareness.

You May Also Like

More From Author

+ There are no comments

Add yours