Las Vegas giant reveals hacking incident after system breach

Published: 22 May 2026
Last updated: 25 May 2026
station casinos cover

Station Casinos has confirmed a cybersecurity breach in a regulatory filing, adding yet another major Las Vegas gaming operator to the growing list of casinos targeted by cybercriminals.

Station Casinos, one of the largest casino operators in Las Vegas, disclosed a cybersecurity breach after submitting an official data breach notice to the Maine Attorney General’s Office.

According to the filing, the casino’s systems were breached by an external threat actor. The company states that the incident occurred on March 5th, 2026, and was discovered on the same day. Consumer notifications began on May 21st, 2026.

ADVERTISEMENT

At this stage, the scope of the breach remains unknown. The company has not publicly disclosed which systems were compromised or what data may have been exposed.

The breach notice states that at least one Maine resident’s data was involved in the data breach.

Station Casinos says the employee's account was accessed

The company's spokesperson confirmed to Cybernews that in March 2026, Station Casinos experienced a cybersecurity incident in which an "unauthorized third party" accessed the systems. According to the company, attackers accessed a single employee’s account and associated files.

"The cybersecurity incident has had no impact on the Company’s properties or business operations," the spokesperson said. "Upon detecting the incident, the company promptly took steps to respond to the incident with the assistance of external cybersecurity experts and in cooperation with law enforcement."

Station Casinos stated that it had informed the affected individual and regulators, also it is providing credit monitoring and identity theft protection "all potentially affected individuals."

The spokesperson said Station Casinos does not believe that "the incident will have a material adverse effect on the company’s financial condition or results of operations."

Las Vegas casino giant

Station Casinos operates some of the most recognizable casino resorts in the Las Vegas Valley through its parent company, Red Rock Resorts.

The company manages:

  • Red Rock Casino Resort Spa
  • Green Valley Ranch Resort Spa Casino
  • Palace Station Hotel & Casino
  • Boulder Station
  • Sunset Station
  • Durango Casino & Resort

Red Rock Resorts has reported over $2 billion in revenue.

ADVERTISEMENT

Station Casinos suffered outages in the past

While Station Casinos itself has not previously been publicly associated with major cyber incidents, Reddit users have reported unexplained technical outages affecting company systems in the past.

One Reddit post from August 2025 described disruptions impacting slot machines and ATM operations. “Red Rocks casino is currently down, along with the ATMs,” the user wrote.

station casinos
Screenshot by Cybernews

“This is ongoing, and it may relate to all Station Casinos.”

At the time, no cybersecurity incident was publicly confirmed, so it remains unknown whether it was related to a cyber incident or technical issues.

In 2024, the company experienced disruptions to its operations due to the CrowdStrike outage, which knocked 8.5 million Windows devices offline.

Las Vegas casinos remain prime cyber targets

The disclosure adds Station Casinos to the growing list of casino companies targeted by cybercriminals in recent years.

In 2023, ransomware attacks against MGM Resorts and Caesars Entertainment were linked to the Scattered Spider and ALPHV groups. The attacks caused widespread operational disruption across Las Vegas and reportedly cost MGM alone more than $100 million.

ADVERTISEMENT

More recently, in 2025, Boyd Gaming disclosed a cyberattack that resulted in employee data theft. Attackers stole Social Security numbers, pushing Boyd Gaming employees to file a lawsuit against the company.

jurgita justinasv Izabelė Pukėnaitė vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News. Add us as your Preferred Source on Google
Follow us

The same year, the Anubis ransomware gang claimed to have breached the $700 million Catawba Two Kings Casino, stealing detailed architectural blueprints. Among the stolen data were allegedly layouts of security systems and the casino vault itself.

DraftKings disclosed a credential-stuffing breach that gave attackers unauthorized access to customer accounts and sensitive personal information.

In 2026, ShinyHunters claimed to have exfiltrated 800,000 records from Wynn Resorts and issued a public ultimatum threatening to release the data.

Wynn confirmed the breach days later and reassured stakeholders that the stolen data had not been leaked. In April 2026, reports revealed that more than 21,000 employees had been affected in total. The company’s statements indicate that it likely paid a ransom to the attackers.

Updated on May 25th [10:00 a.m. GMT+2] with a statement from Station Casinos.

Unlock more exclusive Cybernews content on YouTube.

ADVERTISEMENT
Share
Post
Share
Share
Share
More from Cybernews
Companies using Fable 5 beware: it’s collecting your data, and there are no exceptions
World’s leading mathematicians ridicule AI hype in high-IQ declaration
Democrats are far more worried than Republicans that AI will take jobs, new poll finds
Europe’s tech revolution feels like Soviet déjà vu
New York demands advertisers use “synthetic performer” label or else
The surprising way Elon Musk is powering your next holiday flight
ADVERTISEMENT
Leave a Reply

Your email address will not be published. Required fields are markedmarked