According to the court documents, the company involved is Rancho Mesquite Casino. and the breach has reportedly affected two of its locations.
Class-action Lawsuit Against Eureka Casino
According to the data breach notification on the Maine Attorney General’s website 229,299 people were affected by the breach. This includes information belonging to employees, as well as customers. The personally identifiable information (PII) contained names, social security numbers, and financial information, including account/card numbers and security codes, according to the document.
The incident took place in November 2022, and Rancho Mesquite Casino (DBA Eureka Casino) notified the people affected. According to an 8NN report, it affected two of the company’s locations. Eureka operates hotels and casinos in Mesquite and Las Vegas, Nevada, and Seabrook, New Hampshire. The Maine AG office’s website didn’t explicitly specify which locations were breached.
According to the 8NN report, the letter sent to notify those whose PII was accessed by the hackers explained that the company took steps immediately to secure its systems. However, the attack took place in November 2022, and notifications were sent out in December 2022. This led to the company receiving further scrutiny over the delay in this instance.
The originating plaintiff in the class-action lawsuit is reportedly a California resident, who is claiming to be a victim of a ransomware attack, resulting from the security breach at Eureka Casino. The lawsuit was filed in a Las Vegas court, and the company was accused of negligence and failure to encrypt the sensitive information it was storing in its systems.
Cybersecurity Becoming a Prominent Topic
Data breaches are not a new occurrence and cybercriminals have noticed the world is moving increasingly toward digitizing everything. There is no shortage of targets and the gambling industry participants aren’t an exception to this. BetMGM was another example of this in late December of last year when it also suffered a cyber-attack.
The company confirmed it had launched an investigation at the tail end of December 2022. It acknowledged that patron data was impacted by the security incident. Again, social security numbers, dates of birth, and other details were accessed by the hackers. It’s standard practice for companies to collaborate with security companies in such cases.
There are also those trying to get ahead of the curve and the increasing number of industry participants collaborating with cyber-security experts and organizations is proof of that. Napoleon Sports & Casino joining the newly-established cybersecurity group of the European Gaming and Betting Association (EGBA) EGBA is one such example.
As companies learn to use and store an increasing amount of data to provide better experiences and more refined products, the need for enhancing cybersecurity also increases. PPI opens the doors for many frauds and in some cases – even identity theft, so companies are investing more time and resources into keeping their informational assets and customers safe.