Following an early February breach that affected Las Vegas Sands casino websites and internal office systems in the U.S., the corporation determined that the cyber attackers made off with “some legally protected data” belonging to employees and customers at the Bethlehem, Pa., hotel and casino, the company announced.
The company initially declined to specify how many accounts had been affected, saying only that the figure was less than 1 percent of all visitors to the Bethlehem casino since it opened in 2009. But The Casino City Times reported that Sands spokesperson Robert Reese eventually revealed that the number fell somewhere “in the mid five-figure range.”
Tapped in the attack were “credit card information or bank account information, as well as Social Security numbers, driver’s license numbers, and other confidential information used to initiate a line of credit, for tax reporting purposes or for gaming,” the hotel-casino chain said in a statement addressing the issue on its website.
As SCMagazazine.com reported, the company initially believed that the attack, which began on Feb.10, targeted only its corporate site and the home pages for the Venetian and Palazzo casinos in Las Vegas. But within a day, company email had gone down and all of the casino’s websites had been hijacked by hackers and the site defaced with messages protesting comments made by Sands CEO Sheldon Adelson made advocating the use of nuclear weapons on Iran, prompting the company to pull down the sites.
On Feb. 11, an 11-minute video was posted on YouTube, showing information that the hackers may have obtained.
The video was removed and the Sands websites stayed down for more than a week, according to a report by NCR. Both the FBI and the Secret Service have been investigating the attack and Sands has taken steps to protect customers whose information may have been compromised by offering credit card monitoring and identity theft services, including internet scans for Social Security, credit and debit card numbers as well as up to $1 million in identity theft insurance.