A notorious hacking group has targeted the US luxury casino empire and claims to hold 800,000 sensitive records. Wynn Resorts has confirmed the breach.
The cybercrime group ShinyHunters claims it has pulled off a massive data heist against Wynn Resorts, alleging it holds more than 800,000 records containing personal and employee information.
The group is escalating its pressure tactics and has issued what it calls a “final warning” on the dark web, giving the luxury resort giant until February 23rd before releasing the data to the public. The pressure on the company and the threats to release the data is a common extortion tactics.
Such breach could have severe implications for the company. If the claimed scale proves correct, exposure of customer and employee records would likely result in regulatory scrutiny, not to mention reputational damage to the company.
Wynn Resorts operates some of the most recognizable high-end hotels and casinos in Las Vegas and Macau, generating approximately $1.87 billion in revenue. That kind of global footprint makes it an attractive target for attackers.
Wynn Resort confirm data breach
Cybernews has reached out to the company regarding the alleged breach and the company confirmed the attack.
“We have learned that an unauthorized third party acquired certain employee data,” the company’s spokesperson said in the statement.
“This incident has had no impact on our guest experience, our operations, or our physical properties, which are all fully operational and open for business,” the company added.
The company says it has launched an investigation and is offering complimentary credit monitoring and identity protection to all its employees.
ShinyHunters is scaling up attacks
ShinyHunters is a well-known cybercrime and extortion gang, previously linked to multiple high-profile data theft campaigns.
Just this week, the gang threatened to release millions of records from two elite US financial advisors – Mercer Advisors and Beacon Pointe Advisors. The gang also dropped data belonging to Canada Goose, a major luxury winter clothing maker. However, Cybernews researchers have determined that the data is several years old.
In 2026, the gang reportedly ran an active voice phishing campaign to steal single sign-on (SSO) credentials for Okta, Microsoft, and Google accounts.
ShinyHunters was also attributed to a potential data breach at Waltio, a prominent French cryptocurrency tax filing platform, which the hackers controversially linked to kidnapping cases in France.
The gang has also claimed breaches at Bumble, Match Group, operating Hinge, Match, and OkCupid services, and Panera Bread. It also targeted the private company intelligence platform Crunchbase. According to the company, the threat actor exfiltrated “certain documents” from its corporate network.
The gang is associated with last year’s Salesforce CRM data heist that targeted enterprise cloud services and customer databases.
On June 25th, 2025, French authorities announced the arrest of four alleged members of ShinyHunters across multiple regions of France.
Updated on February 25th [3:00 p.m. GMT] with a statement from Wynn Resorts
Unlock exclusive Cybernews content on YouTube.
Your email address will not be published. Required fields are markedmarked