(Bloomberg) The hacking group suspected of cyberattacks against two giant casino operators has quickly made a name for itself for its skills in social engineering, such as tricking someone to gain access to a computer system or another storehouse of sensitive information.Most Read from BloombergCaesars Entertainment Paid Millions to Hackers in AttackVideo-Game Company Unity Closes Offices Following Death ThreatWhen the Homeowners Association Comes for Your HomeRay Dalio Says He Doesn’t Want t
While details are still scarce, prior research points to that once the breach of the casinos was made, the threat group Scattered Spider exploited a vulnerable kernel-mode driver to gain high-level access to Windows privileges.
Casino company Caesars Entertainment on Thursday joined Las Vegas gambling rival MGM Resorts International in reporting that it was hit by a cyberattack, but added in a report to federal regulators that its casino and online operations were not disrupted. The Reno-based publicly traded company told the federal Securities and Exchange Commission that it could not guarantee that personal information about tens of millions of customers was secure following a data breach Sept. 7 that may have exposed driver’s license and Social Security numbers of loyalty rewards members. “We have taken steps to ensure that the stolen data is deleted by the unauthorized actor,” the company said, “although we cannot guarantee this result.”
Hackers stole Social Security numbers and driver’s license numbers from a “significant number” of loyalty program customers of Caesars Entertainment, the hospitality and casino giant said Thursday.