Caesars Entertainment Cyberattack Exposes 6TB of Stolen Data

 Caesars Entertainment Inc. has reportedly paid a substantial sum to hackers who successfully infiltrated the company's systems and issued threats to expose sensitive data.
This breach comes in the wake of another cyberattack on MGM Resorts International. Although Caesars Entertainment has not officially commented on the situation, the cyberattack became publicly known after Bloomberg News initially reported it. Interestingly, this revelation had a minimal impact on the company's stock, with shares remaining relatively stable.

The hacking group allegedly responsible for this attack is known as Scattered Spider or UNC 3944. They have gained recognition for their expertise in social engineering tactics, which they employ to gain access to corporate networks. In the case of Caesars, the hackers initially breached an external IT vendor before infiltrating the company's network.
The timeline of the attack suggests that Caesars may have been targeted as early as August 27. Notably, some members of this hacking group are believed to be relatively young, with individuals as young as 19 years old, residing in the US and the UK.
The attackers successfully obtained sensitive data from Caesars' loyalty program members, including driver's licenses and social security numbers, as confirmed by the company in their regulatory filing.
Traditionally, hacking groups demand cryptocurrency as ransom in exchange for stolen data. Some employ ransomware tactics to encrypt computer files, providing decryption keys only after receiving payment. In recent cases, hackers have chosen to steal data and demand payment, with the threat of publishing the information if their demands are not met.
Caesars has stated that they have taken measures to ensure that unauthorized actors delete the stolen data, although they cannot provide a guarantee of this outcome.