On October 19 and 20, hackers accessed the personal data of 665,000 patrons of Marina Bay Sands (MBS), a Las Vegas Sands property and one of two integrated resorts in Singapore.
A spokesperson told news outlet GGRAsia that the data included names, cell phone numbers, email addresses, nationality and membership ID and tier level. As of last week, Sands had no evidence that the “unauthorized third party” had “misused the data to cause harm to customers.”
“Marina Bay Sands became aware of a data security incident on 20 October 2023 involving unauthorized access on 19 and 20 October 2023 to some of our customers’ loyalty program membership data,” the representative wrote. “Upon discovery of the incident, our teams immediately took action to resolve it. Investigations have since determined that an unknown third party accessed customer data of about 665,000 non-casino rewards program members. We do not believe that membership data from our casino rewards program was affected.”
The statement continued, “After learning of the issue, we quickly launched an investigation, have been working with a leading external cybersecurity firm, and have taken action to further strengthen our systems and protect data.”
The company has reached out to Sands LifeStyle members to “sincerely apologize for the inconvenience caused by this incident. We have reported it to the relevant authorities in Singapore and other countries where applicable and are working with them in their inquiries into the issue.”
Chief Operating Officer Paul Town advised customers to monitor their accounts for signs of suspicious activity; to change their login information; and to beware of “phishing” attempts.
Several major gaming operators have recently fallen victim to cyberattacks. In September, multiple internal systems were disabled at U.S. giants MGM Resorts and Caesars Entertainment. MGM expects the attack to have a negative impact of around US$100 million on its Adjusted EBITDAR for the month of September, Inside Asian Gaming reported.
