Wynn Resorts has become the target of a competitive class action lawsuit over a suspected data breach which, according to the news, may be connected with the hacker group named ShinyHunters.
The suit argues that extremely private information, such as the identity of the customers, may have been exposed, thereby escalating a criminal threat that has been a steadily growing problem of cyber security in the casino and hotel industry. The news just being another reminder to the gambling companies, that is certainly a hard and risky area of the industry that needs to be beefed up. Large casino operators maintain extensive personal data, thus they are lucrative targets for cyber criminals. On the other hand, it only adds to the list of legal burdens that Wynn has to face, which not long ago was subjected to a federal probe on allegedly improper liquor rebate practices.
In the complaint, the plaintiffs are asserting that the casino failed to adequately protect the customer information, which is why it is being assumed that unauthorized parties could have gained access to personally identifiable information.
Though they are still trying to find out the extent of the breach, the accusations are that the compromised data involved names, email addresses, phone numbers, and maybe some account information.
The lawsuit asks for money damages and states that due to the plaintiffs not being protected from a data breach their risk of identity theft or financial fraud has increased.
The class action complaint primarily contends that the company failed to put adequate cybersecurity preventions in place; shared the customers’ confidential information; gave either late or no notification to the victims; and lastly the plaintiffs point to the fact that the threat of identity theft still is.
Wynn says that it has done nothing wrong and currently, the situation is only at the very beginning stages of the procedural timeline.
Hacker Group and Industry Risks
ShinyHunters is a group of hackers who have been linked to numerous high-profile data breaches in the retail, technology, and entertainment industry sectors.
It is believed that the group ShinyHunters has focused on firms with huge databases of consumers, and often they have intended to make a profit out of the stolen data by either selling it or threatening the victims with blackmail, hence forcing them to pay.
Casino operators are exposed to quite a high-risk level in general. Casinos deal with loyalty program member databases, hotel booking platforms, online gambling accounts, and payment transaction records. A minor data leak can, in fact, result in mandatory reporting of the case to the regulatory authorities and it can also lead to significant reputational loss.
Casino operators are increasingly becoming the favorite target of hackers since they handle both financial transactions and a large variety of customer data. A number of top gaming companies in the industry have suffered security breaches during the last few years. Such breaches have resulted in business disruptions, investigations by the authorities, heavy expenses for recovery, and class action lawsuits. According to an insider of the industry, investments in cybersecurity have become one of the necessary operational costs for integrated resort operators.
Consequences and Industry Implications
Major consequences of the incident would include the following: a rise in the legal liability of the industry after data breaches, heightened regulatory scrutiny, increased attention to the strength of the data protection systems, and the risk of higher insurance and compliance costs. Publicly traded operators, in particular, are at risk of breach-related litigation because of the pressure from shareholders and the possibility of reputational damage.
Depending on the settlement terms and how extensive the remediation efforts are, data breach lawsuits can potentially bring heavy losses to companies, even beyond their millions of pretenses. Besides civil claims, companies could also face local privacy investigations, federal regulatory scrutiny, be required to offer credit monitoring services to affected consumers, and suffer brand perception damage that can be difficult to heal.
For Wynn, this class action lawsuit has become yet another matter related to cybersecurity issues that the whole gaming industry is grappling with.
The case will move forward in federal court where Wynn will most likely reject the claims made in the suit. It hasn’t been revealed yet whether the case might be dismissed, settled, or if it will continue for a long time. The gambling industry is familiar with the cyber threat message, but it is becoming more and more of an emergency. Cybersecurity is no longer just an IT matter; it has become a critical financial, legal, and operational issue.
As the digital systems at the casino, hospitality, and online gaming operations are getting more and more integrated, the need for protecting data is going up. After breaches have happened, the consequences are far beyond just the lost time of systems.
