ShinyHunters Demands $1.5M Ransom from Wynn Resorts, Threatens to Leak 800,000 Employee Records

The ShinyHunters cybercrime gang has targeted Las Vegas hospitality and casino giant Wynn Resorts, demanding a $1.5 million ransom to prevent the leak of a massive trove of sensitive employee data. The group claims to have stolen over 800,000 records containing employees' Social Security numbers, salaries, and other private details, setting a hard deadline of February 23 for the company to pay. Failure to comply, the extortionists warned, would result in the public release of the data alongside unspecified "annoying (digital) problems" for the resort chain.

Samples of the stolen data, reviewed by The Register, confirm the breach's severity. The records include employees' full names, email addresses, phone numbers, job positions, salaries, start dates, and birthdays. A spokesperson for ShinyHunters stated the gang's "starting price" for the stolen files is 22.34 Bitcoin, equivalent to approximately $1.5 million. The public listing on the gang's blog marks a significant escalation in pressure against Wynn Resorts, a major player in the global gaming and luxury hospitality sector.

The incident places immense scrutiny on Wynn Resorts' cybersecurity posture and data protection measures. A leak of this magnitude, containing highly sensitive personal identifiable information (PII) and financial details of a large workforce, poses severe risks of identity theft, financial fraud, and targeted phishing campaigns against employees. The threat of accompanying digital disruptions adds another layer of operational risk for the company. This attack follows a pattern of high-profile extortion campaigns by ShinyHunters, signaling continued aggressive targeting of major corporations with valuable data assets.