Wynn Resorts Confirms Cyberattack Impacting 21,000 Employees
AI-generated from multiple sources. Verify before acting on this reporting.
LAS VEGAS — Wynn Resorts announced Monday that a cyberattack attributed to the ShinyHunters group has compromised data belonging to approximately 21,000 employees across its United States operations. The Las Vegas-based hospitality company disclosed the breach in a regulatory filing, marking a significant escalation in the ongoing cybersecurity incident that has targeted the gaming and resort sector.
The attack, which was detected earlier this week, involved unauthorized access to internal systems containing sensitive personnel information. Wynn Resorts stated that the compromised data includes names, Social Security numbers, and dates of birth for affected staff members. The company confirmed that no financial account information or guest data was accessed during the intrusion.
ShinyHunters, a cybercriminal group known for targeting corporate networks and leaking proprietary information, has claimed responsibility for the breach. The group typically operates by exploiting vulnerabilities in corporate email systems and internal networks to extract data. Wynn Resorts has engaged third-party cybersecurity firms to investigate the scope of the incident and secure its systems.
The company has notified affected employees and is offering credit monitoring services to mitigate potential identity theft risks. Wynn Resorts also reported that the incident has not disrupted its daily operations, and all resorts and casinos remain open for business. The company emphasized its commitment to protecting employee information and is cooperating with federal authorities on the investigation.
This breach represents one of the largest employee data compromises in the hospitality industry this year. Wynn Resorts operates several high-profile properties, including Wynn Las Vegas, Encore Boston Harbor, and Wynn Macau. The company has faced scrutiny over cybersecurity practices in recent years, though this incident marks the first time it has publicly acknowledged a breach of this scale.
Federal law enforcement agencies, including the FBI, are assisting in the investigation. Wynn Resorts has not disclosed the method used by ShinyHunters to gain initial access to its network, nor has it specified the duration of the unauthorized access. The company stated it is continuing to monitor its systems for any further anomalies.
Questions remain regarding the full extent of the data exfiltration and whether additional employee records were compromised beyond the initial 21,000. Wynn Resorts has not indicated whether the breach will result in regulatory penalties or civil litigation. The company plans to provide further updates as the investigation progresses.