Marina Bay Sands Cyberattack Saw Data Stolen From 650K Customers
Marina Bay Sands, the giant Singapore casino resort owned by U.S-based operator Las Vegas Sands, has revealed it was the victim of a cyberattack in which data from hundreds of thousands of customers was stolen.
The attack happened on October 19 and 20, but details have only just been revealed by the operator. The affected data was all from the resort’s Sands Lifestyle Rewards program.
“Investigations have since determined that an unknown third party accessed customer data of about 665,000 non-casino rewards program members,” Marina Bay Sands said in a statement posted on its website.
“Based on our investigation, we do not have evidence to date that the unauthorized third party has misused the data to cause harm to customers.”
Customer Data Stolen
The unidentified hackers gained access to and copied data from the resort’s Sands Lifestyle Rewards, which covers non-casino amenities at the property.
That data included more than 650,000 customer’s names, email addresses, phone numbers, and membership statuses.
No payment or banking data was compromised, Las Vegas Sands says. The hack was also limited to the non-casino gaming rewards club.
However, the information stolen could be sold on the dark web for use by fake email-sending phishing scammers. So, any existing Lifestyle Rewards members should be extra careful checking emails from the casino in the near future.
Marina Bay Sands says all the relevant authorities have been informed, and an investigation is ongoing.
“We have reported this incident to the relevant authorities in Singapore and other countries, where applicable, and are working with them in their inquiries into the issue,” the statement said.
Related: Bandits and Bounties slot, reviewed
Casino Operators Targeted
Marina Bay Sands is one of the most expensive and distinctive casino resorts in the world. The $8 billion venue’s three towers are topped by a giant sky bridge in the style of a boat. The resort’s casino features more than 500 table games and 1,500 slot machines. There’s also a 74,000-square-foot mall and a 1.3 million-square-foot convention and event space.
It is operated by Las Vegas Sands, who, despite the name and being based in Las Vegas, don’t actually own any Nevada casino venues at the current time.
With news of this latest casino cyberattack, Sands also joins the unenviable list of U.S. gambling operators hit by cybercriminals in 2023.
The operator refused to pay the ransomware attackers demands, leading to a $100 million loss in revenues.
Fellow Las Vegas-based global operator Caesars Entertainment also suffered a cyberattack weeks before MGM, but paid up a multimillion ransom to avoid disruption. Both operators are now facing lawsuits over the events.
Sands’ Return to the U.S. Possible
In the case of Marina Bay Sands, the operator does not appear to have been hit by ransomware.
Operations were not affected, and financial data was not compromised.
Las Vegas Sands made some $2.8 billion in revenue in 2023, as its Asian casino properties finally hit their stride in a bounce-back from pandemic restrictions. It sold its Las Vegas and other U.S. casinos in 2021 after the death of founder Sheldon Adelson in 2020.
But recently, it has shown interest in competing among New York casinos. Ahead of the competitive bidding opening for three new downstate New York casino licenses, Sands has planned a $4 billion resort in Nassau County, Long Island, New York.
Cuban envisioned a giant Dallas-Forth Worth area casino resort and entertainment complex, with Sands as the partner.
Sands late founder Adelson spent years investing millions into campaigns for legal casino gaming and sports betting in Texas without any real success.