A recent cyberattack impacted two New York hospitals, a nursing home, and New York’s video lottery terminals (VLTs) system, operated by Everi Holdings on behalf of the state. VLTs are Class II slot machines.
The attack impacted at least three New York casinos. Resorts World Hudson Valley and Saratoga Casino experienced issues for part of a day. Meanwhile, Jake’s 58 was closed for roughly three days.
“On Tuesday, Oct. 17, Everi, the licensed operator of New York’s video lottery gaming central system, experienced a cybersecurity event that remains under investigation,” said New York Gaming Commission spokesman Brad Malone.
“The Commission has no indication that personal identifiable information was compromised. The Commission continues to monitor the situation.”
Everi Holdings has not yet released a statement or filed a report with the Securities and Exchange Commission (SEC) about the incident. While the SEC recently adopted new rules requiring public companies to disclose cybersecurity incidents within four days, the new rules do not take effect until Dec. 18.
Bad year for casino cyberattacks
This year, cybercriminals are targeting the casino industry. Both Caesars Entertainment and MGM Resorts International experienced significant cybersecurity breaches last month.
Caesars reportedly paid half the $30 million ransom demanded by hackers to avoid a prolonged system outage. Caesars said it had “taken steps to ensure that the stolen data is deleted by the unauthorized actor, although we cannot guarantee this result," according to its SEC filing. "We are monitoring the web and have not seen any evidence that the data has been further shared, published, or otherwise misused.”
MGM apparently took a tougher – but potentially more costly -- approach to resolve its cyberattack. Its attack disrupted MGM properties across the country for more than a week as reservation systems, cash machines, loyalty programs, and even slot machines, failed. In its SEC filing, MGM disclosed it would likely lose $100 million in Adjusted Property EBITDAR.
Neither Caesars Sportsbook nor BetMGM were affected by last month’s cyberattacks. But online sportsbooks haven’t been immune. In December, BetMGM and DraftKings disclosed incidents that compromised customer data.