• Home
  • cyber
  • Wynn Resorts: Wynn Fires Back at Lawsuit Tied to Data Breach
cyber Breach

Wynn Resorts: Wynn Fires Back at Lawsuit Tied to Data Breach

Feb 20, 2025 2 min read
Wynn Resorts: Wynn Fires Back at Lawsuit Tied to Data Breach

Wynn Resorts Disputes Class-Action Lawsuit Over Alleged Data Breach

Wynn Resorts has pushed back against a class-action lawsuit filed in Nevada last weekend, which claims a cyberattack exposed the personal data of over 800,000 customers. In a statement to Gambling Insider, the company clarified that the breach involved employee data only, not customer records.

According to Michael Weaver, Wynn’s chief communications and brand officer, an unidentified third party accessed certain employee information. The company activated its incident response protocols and engaged external cybersecurity experts to investigate. Weaver confirmed that the perpetrator later identified in the lawsuit as the cybercriminal group ShinyHunters claimed to have deleted the stolen data, though Wynn has found no evidence of publication or misuse. The company did not disclose whether a ransom was paid.

Despite the breach, Wynn stated that guest operations, physical properties, and customer experiences remained unaffected. The company is offering complimentary credit monitoring and identity protection to affected employees while working with third-party IT advisors to bolster security.

The lawsuit, led by plaintiff Richard Reed, alleges Wynn’s mishandling of customer data enabled the breach, citing a February 20 blog post by ShinyHunters that claimed the theft of 800,000 records, including Social Security numbers. Wynn’s denial of customer impact raises questions about the lawsuit’s validity. Both the plaintiff and class-action attorneys have yet to respond to requests for comment.

The investigation remains ongoing.

Source: https://www.gamblinginsider.com/news/114166/wynn-response-lawsuit-data-breach

Wynn Resorts TPRM report: https://www.rankiteo.com/company/wynnresorts

"id": "wyn1771977320",
"linkid": "wynnresorts",
"type": "Breach",
"date": "2/2025",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'customers_affected': '0 (employee data only)',
                        'industry': 'Hospitality/Gaming',
                        'location': 'Nevada, USA',
                        'name': 'Wynn Resorts',
                        'type': 'Corporation'}],
 'customer_advisories': 'None (customer data not affected)',
 'data_breach': {'data_exfiltration': 'Claimed by ShinyHunters, but no '
                                      'evidence of misuse',
                 'number_of_records_exposed': 'Undisclosed (allegedly 800,000 '
                                              'total, but Wynn denies customer '
                                              'records)',
                 'personally_identifiable_information': 'Yes (allegedly Social '
                                                        'Security numbers)',
                 'sensitivity_of_data': 'High (allegedly included Social '
                                        'Security numbers)',
                 'type_of_data_compromised': 'Employee personal data'},
 'description': 'Wynn Resorts has pushed back against a class-action lawsuit '
                'filed in Nevada, which claims a cyberattack exposed the '
                'personal data of over 800,000 customers. The company '
                'clarified that the breach involved employee data only, not '
                'customer records. An unidentified third party accessed '
                'certain employee information, and the cybercriminal group '
                'ShinyHunters claimed to have deleted the stolen data. Wynn '
                'found no evidence of publication or misuse and stated that '
                'guest operations remained unaffected.',
 'impact': {'data_compromised': 'Employee personal data',
            'identity_theft_risk': 'Potential (Social Security numbers '
                                   'allegedly exposed)',
            'legal_liabilities': 'Class-action lawsuit filed',
            'operational_impact': 'None (guest operations unaffected)'},
 'investigation_status': 'Ongoing',
 'post_incident_analysis': {'corrective_actions': 'Offering complimentary '
                                                  'credit monitoring and '
                                                  'identity protection to '
                                                  'affected employees'},
 'ransomware': {'data_exfiltration': 'Claimed by ShinyHunters'},
 'references': [{'source': 'Gambling Insider'},
                {'source': 'ShinyHunters blog post (February 20)'}],
 'regulatory_compliance': {'legal_actions': 'Class-action lawsuit filed'},
 'response': {'communication_strategy': 'Public statement to Gambling Insider',
              'incident_response_plan_activated': 'Yes',
              'remediation_measures': 'Bolstered security measures',
              'third_party_assistance': 'External cybersecurity experts and IT '
                                        'advisors'},
 'threat_actor': 'ShinyHunters',
 'title': 'Wynn Resorts Disputes Class-Action Lawsuit Over Alleged Data Breach',
 'type': 'Data Breach'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.