Last month, cyber-criminals apparently hacked the website of the Nevada Gaming Control Board, causing a temporary shutdown of several days. According to news accounts, no personal information or financial records were stolen.
A source told the Nevada Independent that the attack also targeted the website of the Nevada Gaming Commission. The public-facing sites include agency meeting agendas, a list of gaming regulations, press releases, industry data, contact information and profiles of the board and gaming commission members.
Sensitive information on licensees and financial records reside on a separate web system, the source said.
In a statement on social media following the apparent attack, the board stated, “Technology personnel initiated immediate steps to protect the website by taking it offline. The (board) is working with experts to thoroughly assess the situation. While working to restore the full website, the (board) is preparing to publish a temporary website for those seeking access to information.”
In September 2023, the Las Vegas Strip’s largest casino operators, MGM Resorts International and Caesars Entertainment, also fell victim to cyber-attacks.
At the time, the Wall Street Journal reported that Caesars paid $15 million in ransom to hackers in exchange for an assurance that they would not release stolen customer data. Caesars said it took steps “to ensure that the stolen data is deleted by the unauthorized actor, although we cannot guarantee this result.” MGM declined to say whether it paid any ransom.
In addition to immediate losses, analysts said the attacks cost MGM and Caesars millions of dollars in lost revenue and, according to the Independent, “damaged their reputation with customers and employees, many of whom had their data stolen in the attack.” MGM said that its cybersecurity insurance likely would cover “the financial impact of the attack on its business.”
Last June, Nevada lawmakers and Governor Joe Lombardo passed a bill to let the Gaming Control Board replace its outdated IT system.
“You have to get off of a 40-year-old computer system or bad things could happen,” said Chairman Kirk Hendrick, in remarks before the Senate Finance Committee. “The system is used for running all the board functions. Every single division uses pieces of this system. It’s way past its retirement age.”