TLDR Hacker group ShinyHunters stole data on 800,000 Wynn Resorts employees, including Social Security numbers, demanding a $1.5 million ransom. Wynn confirmed an “unauthorized third party acquired certain employee data” but has not confirmed whether the ransom was paid. Two federal lawsuits have been filed seeking class-action status — one by a former employee, one by a customer. Wynn is offering credit monitoring and identity protection to affected employees while investigating. UBS lowered its price target on Wynn Resorts (WYNN) to $146 from $148, but kept its Buy rating.
Wynn Resorts is facing two federal lawsuits after a cyberattack exposed data on roughly 800,000 current and former employees.
Wynn Resorts, Limited, WYNN
The company confirmed in a statement Tuesday that an “unauthorized third party acquired certain employee data.” That’s about as far as Wynn has gone publicly.
The attack was first reported Friday by The Register. According to the outlet, extortionist hacker group ShinyHunters was behind it.
The stolen records reportedly include Social Security numbers and other private details. The group set a ransom demand of $1.5 million.
Wynn has not said whether it paid the ransom. Michael Weaver, the company’s chief communications and brand officer, said the hackers claim to have since deleted the data.
“We are monitoring and to date have not seen any evidence that the data has been published or otherwise misused,” Weaver said.
Weaver added that the incident has had no effect on guest experience, operations, or physical properties, which remain open.
Former employee Drake Maynard filed suit Tuesday in U.S. District Court in Las Vegas. The lawsuit seeks class-action status covering nearly anyone affected by the breach.
Maynard alleges Wynn failed to notify him promptly and did not have “adequate data security measures” in place. The complaint claims