Data Security, Threat Intelligence

ShinyHunters extorts Wynn Resorts after alleged data breach

Cyber security firewall interface protection concept.Personal data security and banking. Protecting herself from cyber attacks.

Wynn Resorts, a major hotel and casino operator, is reportedly the latest target of the ShinyHunters cybercrime group, according to The Register.

ShinyHunters claims to have stolen over 800,000 employee records from Wynn Resorts, including Social Security numbers and other sensitive personal details. The group has set a deadline of February 23 for Wynn to pay a ransom, estimated at 22.34 Bitcoin (approximately $1.5 million), or face the public release of the data and further disruptive actions. The attackers allege they gained access in September 2025 by exploiting an Oracle PeopleSoft vulnerability using stolen employee credentials. The stolen data samples reportedly include names, emails, phone numbers, positions, salaries, and birthdays.

This incident follows a pattern of attacks by ShinyHunters, which has previously targeted companies using similar extortion tactics and has been linked to voice phishing operations to acquire single-sign-on codes. The incident echoes previous major attacks on Las Vegas casinos, such as Caesars Entertainment and MGM Resorts, which were compromised by groups with ties to ShinyHunters in 2023.

Source: The Register

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds