Both MGM Resorts and Caesars Entertainment face a legal battle in Nevada. The online casinos in New Jersey will have to defend themselves against accusations of failing to adequately protect the data of their customers during September’s cyberattacks.
Nevada District Court saw class action lawsuits filed on September 21 and 22. The 21st saw four lawsuits initiated against the two companies, a couple against each of them. This was performed by the Florida-based Kopelowitz Ostrow Ferguson, Weiselberg Gilbert and Stranct and Jennings and Garvey PLLC who are based in Las Vegas.
The following day saw more bad news for Caesars Entertainment. A further lawsuit was filed against them by Barnow and Associates from Chicago and the O’Mara Law Firm from Reno. Rather than just being customers from one US state being plaintiffs, they came from a number of states around the country.
According to the lawsuits, both of the online casinos should have recognised or were aware of the possible problems that could be caused by the cyberattacks in respect of protecting the personal information of their customers. In the view of the lawsuits, the relevant guidelines of the Federal Trade Commission and industry standards were not adhered to.
It’s always a worrying moment when there is a breach of online security. The online casino customers affected by the cyberattack fear that their personal information is now in the hands of fraudsters. The information gathered may have already been sold on the dark web. Doing so can be very lucrative for cybercriminals and costly for those whose personal information is stolen.
me tell your story, Vegas.
Contact Jennifer Bradley, PR Practitioner of the Year
It could also be rather costly for MGM Resorts (who run the expanding BetMGM gambling site) and Caesars Entertainment. Each one of the five lawsuits is asking for monetary damages to be paid to those affected by the cyberattacks and the alleged failings of the online casinos. Actual, statutory and punitive damages are being asked for as well as restitution.
If the two online gambling companies have made any profits from using the compromised data, then the lawsuits call for these to be paid to the victims. No one wants to see such behavior in the future and the lawsuits call for the companies to make assurances that they will prevent any future breaches.
Some of the wording of the lawsuits include allegations of breach of contract, unjust enrichment and negligence. They also call for the matter to be decided upon in a trial by jury. .
It was on September 14 that Caesars referred to the social engineering cyber attack. They did so in a Securities and Exchange Commission filing seven days after the attack took place. This told how a cyber attacker had managed to get hold of a copy of the database used for their Caesars Rewards Loyalty program.
Among the information that was obtained were details of driver’s licenses and Social Security numbers. Apps such as the one they have for their sportsbook were not affected.
Caesars Entertainment said they had “taken steps” to ensure that the stolen data is deleted by the hackers. However, this cannot be guaranteed as having taken place. It’s already been costly for Caesars as those steps taken are believed to include a ransom in the neighborhood of $15 million being paid to the cyber attackers.
Four days after the security breach at Caesars, another took place but this time at MGM Resorts. This caused some of their American hotel and casino computer systems to be shut down for a period of time.
The MGM security breach caused a great deal of disruption with Las Vegas hotels and casinos being affected. ATMs and slot machines weren’t working as were electronic payment systems and room digital key cards.
This went on for several days even after the company claimed that their services were “fully operational.” Hotel staff even had to resort to using good old-fashioned pen and paper.
Two hacker groups called ALPHV and Scattered Spider have come forward to claim responsibility.
In the past, Scattered Spider have targeted telecom companies and video game makers. One of their representatives was asked why online casinos are now being targeted. “If you have money we want it,” the representative replied. It appears therefore that there could well be more problems for online casinos and their customers.