Nevada Regulators Warn Casinos of Rising Cyber Threats
LAS VEGAS, Nevada – Nevada gaming regulators have issued an urgent cybersecurity advisory after a surge in cyberattacks targeting casinos and gaming businesses across the state.
LISTEN TO THIS ARTICLE:The Nevada Gaming Control Board, citing information from the Governor’s Office of Information Security & Cyber Defense, sent a warning late Friday urging casinos across the state to bolster defenses against phishing, voice phishing (vishing) and other credential-harvesting attacks. The notice follows a recent intrusion at Wynn Resorts in which employee data was reportedly accessed, and comes as industry leaders gathered in Las Vegas for the World Game Protection conference where cybersecurity repeatedly featured on the agenda.
The advisory highlights a pattern of social-engineering campaigns observed across multiple sectors in Nevada, including deceptive emails, text messages and phone calls that impersonate executives, vendors or technical-support personnel in order to obtain passwords, payment details and other sensitive information. Regulators said the activity has intensified and urged gaming operators to treat such incidents as a continuing, elevated risk.
Adam Miller, deputy director for the Office of Information Security & Cyber Defense, emphasized the human element of the risk. "Attackers are exploiting urgency and trust to get past normal controls," Miller said. "Staff must not shortcut authentication or identity checks – even if a request looks routine or the caller seems familiar. Verification through independent channels should be standard practice for any high-risk transaction or password change."
Officials also referenced comments from federal law-enforcement cyber specialists who warned operators to adopt a defensive posture. An FBI cyber agent speaking at the conference urged constant vigilance, noting that casinos remain attractive targets due to large cash flows, complex vendor ecosystems and extensive guest-data systems.
Related: Cyberattack Strikes Olympia Gaming Compromising Operations
More Regulation
Practical Steps for Casino IT Teams
The advisory lays out a set of immediate measures aimed at reducing exposure to social-engineering and account-compromise attacks. Regulators recommended that operators reconfirm internal procedures for handling unusual or high-risk requests and require staff to validate contacts using pre-established directories rather than relying on call-back numbers or links supplied in suspect messages.
Key actions suggested include verifying payment instructions, credential resets and sensitive-data requests through a second independent channel; reinforcing that perceived urgency is not an acceptable reason to bypass controls; and reviewing multi-factor authentication (MFA) configurations to strengthen resilience where feasible. Staff are also urged to report suspicious emails, texts, calls or any unusual login activity promptly to internal security teams.
On the front line, casino security and IT leaders are being advised to tighten least-privilege access, segment critical systems from guest and back-of-house networks, and ensure regular backups are isolated from primary environments to limit ransomware exposure. Training programs that include simulated phishing and vishing exercises were recommended as an effective way to raise awareness and reduce user susceptibility.
Industry observers say the advisory reflects a broader trend: as traditional perimeter defenses improve, attackers are increasingly turning to social engineering and supply-chain vectors that exploit human trust. That shift is prompting greater regulatory scrutiny and calls for clearer incident-reporting expectations from state authorities.
For operators, the message from the Nevada Gaming Control Board and federal officials is straightforward: strengthen verification workflows, do not permit exceptions for urgent-sounding requests, and invest in both technical controls and staff training. Given the pace of recent incidents, gaming companies that fail to adapt could face operational disruptions, reputational harm and intensified enforcement attention going forward.
RELATED TOPICS: Regulation
Review this New Post
Leave a Comment
User Comments
Comments for Nevada Regulators Warn Casinos of Rising Cyber Threats