Half of $30 Million Ransomware Demand Reportedly Paid by Caesars Entertainment

IT help desk tricked into resetting password

The gambling industry has always been an enormous empire – easy to make a fortune but just as easy to lose everything. However, just recently, Caesars Entertainment in Las Vegas lost their own lucky streak after the same ransomware group who attacked MGM Resorts also infiltrated their own network through the simplest of methods… 

While MGM hasn’t announced whether or not they paid their ransom demand, Caesars did confirm that they paid approximately half of their $30 million ransom. 

Bloomberg was first to report on the attack against Caesars, with evidence of a social engineering attack (a type of cyber attack that relies on manipulating or deceiving individuals into divulging sensitive information or compromising their security) against a third-party IT provider from as early as 27th August 2023. 

The ransomware group, also known by the codenames UNC 3944, Scattered Spider and Muddled Libra, has successfully claimed over 100 victims over the past two years, perfecting the art of convincing staff members via phone call to visit malicious websites or giving them network access. Caesars was no different; the group were able to trick their IT help desk into resetting a password. This small mistake opened the door to the company’s entire network wide open. 

Their cyber security blunder did not go unnoticed by the Stock Exchange either and their stocks subsequently fell 2.7% to $52.35 on Wednesday in New York. 

According to security experts, Caesars’ ransom payment is expected to further attract attention to the sector as a prime target. 

“This won’t be the last Vegas casino operator targeted… With Caesars having paid a ransom recently and MGM targeted, I would guess a smaller, less resilient casino company is next.” – John J. Rice, IT & Security Manager at NYSERNet (a nonprofit internet service provider in New York) 

If this can happen to giant organisations, it can happen to anyone. Get in touch with our expert Cyber Security department to find out more about keeping your company safe from ransomware and other detrimental cyber attacks

Blog Top Picks

Terms of Use   /   Privacy Policy        Company Registration Number: 02059640