Wynn Resorts confirms employee data breach after extortion threat
Bleeping Computer
by Lawrence AbramsFebruary 24, 2026
AI-Generated Deep Dive Summary
Wynn Resorts has confirmed that employee data was stolen by hackers following an extortion threat from the ShinyHunters group. The company activated its incident response protocols and collaborated with external cybersecurity experts to investigate the breach. While the attackers claimed the stolen data had been deleted, Wynn did not disclose whether a ransom was paid or how many individuals were affected. The breach did not impact guest operations or physical properties, but the resort offered complimentary credit monitoring and identity protection services to employees.
ShinyHunters, known for its extortion tactics, targeted Wynn Resorts by threatening to publish stolen personal information unless their demands were met. The group claimed access to over 800,000 records containing sensitive employee data, including Social Security numbers. After the threat was made public on ShinyHunters’ data leak site, the entry was removed, likely indicating ongoing negotiations or disputes over the claims. While Wynn did not confirm payment of a ransom, the attackers had previously targeted the company’s Oracle PeopleSoft environment.
This incident highlights the growing sophistication of cyber extortion groups like ShinyHunters, which have previously claimed responsibility for high-profile breaches at major companies such as Panera Bread, Betterment, and Match Group. The group often employs social engineering tactics, including voice phishing (vishing), to steal credentials and multi-factor authentication codes. These attacks frequently target single sign-on accounts, compromising access to popular SaaS platforms like Salesforce and Microsoft 365.
The Wynn Resorts breach underscores the
Verticals
securitytech
Originally published on Bleeping Computer on 2/24/2026