Wynn Resorts Reportedly Targeted in New Cyberattack
Wynn Resorts has been named by the cybercrime group ShinyHunters, which claims it stole more than 800,000 employee records. The group posted the allegation on its blog and set a February 23 deadline for the company to make contact.
The hackers threatened to release the data publicly and trigger additional digital disruption if their demands are not met. They listed a starting price of 22.34 Bitcoin, roughly $1.5 million, for the files and indicated that negotiations could begin from that figure.
Related: MGM Resorts Agrees to Settlement over CyberattacksThe alleged dataset includes Social Security numbers, full names, email addresses, phone numbers, job titles, salaries, start dates and birth dates. The breadth of the personal information described suggests exposure across multiple employment categories within the company.
ShinyHunters said it gained initial access in September 2025 through an Oracle PeopleSoft vulnerability using valid employee credentials. The group declined to clarify whether those credentials were obtained through social engineering tactics or through direct payment to an insider.
The crew has previously used Telegram to solicit insider access and has claimed it offered money to corporate employees for credentials. In one case, it alleged it agreed to pay a CrowdStrike employee $25,000 for access, though the cybersecurity firm publicly stated that no systems were breached.
Recent operations attributed to ShinyHunters have relied on voice phishing campaigns targeting enterprise identity platforms. Attackers sought single sign-on codes tied to Okta, Microsoft and Google services, a method that has become ubiquitous in high-profile network intrusions.
More Business
Pattern of Identity System Exploits in Las Vegas
The Wynn allegation follows earlier Las Vegas casino breaches connected to the same crime collaborative. In late 2023, Scattered Spider exploited Okta authentication workflows and internal help desk procedures to gain entry into networks operated by Caesars Entertainment and MGM Resorts.
Those intrusions resulted in ransomware deployment and the theft of data belonging to tens of thousands of customers. Operational systems were disrupted during the incidents, drawing regulatory attention across Nevada's gaming sector.
Law enforcement agencies have since carried out a series of arrests linked to the Las Vegas attacks. In September 2025, Las Vegas police arrested a teenager suspected of involvement shortly after British authorities detained two other teens accused of participating in the group.
At least seven additional suspected Scattered Spider members were arrested in 2024 as investigations expanded across jurisdictions. The continuing investigations underscore a persistent conundrum for major resort operators that depend on interconnected identity systems spanning hospitality, gaming and corporate networks.
RELATED TOPICS: Business
Latest News
Responsible Gambling
Finland Publishes 2-4-2 Gambling Harm Framework Before 2027 Market Opening
Feb 18, 2026Most Read
Finland Publishes 2-4-2 Gambling Harm Framework Before 2027 Market Opening
Feb 18, 2026Must Read
Interviews
Exclusive Interview: Levon Nikoghosyan Shares AffPapa Winning Formula for Successful iGaming Events
Dec 03, 2025
Interviews
Review this New Post
Leave a Comment
User Comments
Comments for Wynn Resorts Reportedly Targeted in New Cyberattack