Cyber: Wynn Resorts Confirms Employee Data Breach After Extortion Threat

Wynn Resorts has confirmed that a hacker stole employee data from its systems after the company was listed on the ShinyHunters extortion gang's data leak site.

In a statement shared today, the company said it activated its incident response procedures and launched an investigation, with assistance from external cybersecurity experts, after discovering the breach.

"We have learned that an unauthorized third party acquired certain employee data," reads a statement shared with BleepingComputer.

"Upon discovery, we immediately activated our incident response protocols and launched a thorough investigation with the help of external cybersecurity experts."

While Wynn has not stated whether it paid a ransom to prevent the data leak, the company said the attackers confirmed the stolen data had been deleted. In past extortion cases, threat actors have typically only claimed data was deleted after reaching an agreement with a victim.

"The unauthorized third party has stated that the stolen data has been deleted. We are monitoring and to date have not seen any evidence that the data has been published or otherwise misused," the statement continued.

The company added that the incident did not impact guest operations or its physical properties, which remain fully operational, and that it is offering complimentary credit monitoring and identity protection services to employees.

This statement comes after Wynn Resorts appeared on the ShinyHunters data leak site on Thursday.

In the threat actors' post, the group claimed it had stolen "PII (SSNs, etc) and employee data" and warned the company to make contact before February 23, 2026, or the data would be published.

"Over 800k records containing PII(SSNs, etc) and employee data have been compromised," reads the now-deleted post on ShinyHunters data leak site.

Source: BleepingComputer