Hackers Claim Wynn Resorts Hack, Seek $1.5 Million to Withhold Data

Major casino and resort operator Wynn Resorts may have been targeted in a large-scale cyberattack, technology publication The Register reported, citing claims by the hacking group ShinyHunters.

The group alleges it gained access to more than 800,000 internal company records.

According to the hackers, the stolen data includes employees’ full names, email addresses, phone numbers, dates of birth, Social Security numbers (SSNs), job titles, salaries and start dates. The data is said to relate to staff members rather than customers.

ShinyHunters is demanding 22,34 bitcoin — approximately $1,5 million — in exchange for not disclosing the information. The group has reportedly given the company until February 23 to make contact, threatening to publish the data and cause further damage if its demands are not met.

The Register reported that the initial access may have been obtained as early as September 2025 through a vulnerability in Oracle PeopleSoft, allegedly using credentials belonging to an employee. It remains unclear how those credentials were acquired.

Wynn Resorts has not confirmed a breach or data leak and has not issued an official comment.

Wynn Resorts is an international operator of premium integrated casino resorts. The company runs casino properties in the United States, including in Las Vegas and Boston, and operates in Macau. It is also developing an integrated resort project in the emirate of Ras Al Khaimah in the United Arab Emirates, where the country’s first casino is planned.

Gambling Park notes that the gambling industry has previously faced major cyber incidents. In 2023, casino operators MGM Resorts International and Caesars Entertainment were targeted in cyberattacks involving social engineering techniques, resulting in data exposure and operational disruptions.