New York Outage at Jake’s 58 Was Cybersecurity Incident With Developer Everi, Regulators Confirm

On October 17, Everi Holdings, the company that operates the video lottery terminal (VLT) network for the New York State Gaming Commission (NYSGC), was hit by what the regulator calls a serious cybersecurity “event.”

The incident led to the temporary shutdown of some casinos in the state, including Jake’s 58 in Long Island, which was closed for three days. The NYSGC and Everi have been mostly quiet about the attack, other than reassuring customers that their information has not been compromised.

VLTs operate like slot machines, but are linked to the state’s central lottery system, offering fixed odds like lottery scratch-offs.

The NYSGC contracts out the operation of these terminals to Everi Holdings, which distributes them to New York casino venues. This is why multiple properties, such as Jake’s 58 and Resorts World Hudson Valley, experienced simultaneous issues during the cyberattack.

“On Tuesday, October 17, 2023, Everi, the licensed operator of New York’s video lottery gaming central system, experienced a cybersecurity event that remains under investigation,” said Gaming Commission spokesman Brad Maione, as reported by The New York Post.

Suffolk OTB Too Quick off the Mark

As we reported at the time of the incident, Phil Boyle, the president of Suffolk OTB (the parent company of Jake’s 58), was quick to comment, and the casino denied it was a cyberattack in a social media post.

However, the new confirmation from the NYSGC says otherwise. It also leans in to media speculation from last week that a cyberattack was to blame.

Now, Boyle has had to assure customers that no breaches occurred, and their personal information is still secure. The Commission also backed that up, even as some cybersecurity experts advised players to monitor their accounts closely, as Everi has access to some personal information collected on the VLTs.

“The Commission has no indication that personal identifiable information was compromised. The Commission continues to monitor the situation,” said Maione.

U.S. Gambling Operators a Target

The New York casino is owned by Suffolk OTB, or Off-Track Betting, a prominent figure in U.S horse race betting.

Jake’s 58 Casino Hotel in Islandia, Long Island, features around 1,000 VLTs, which all went offline during the incident. The casino recently received a green light from local officials for a $200 million expansion, which will double the number of VLTs on an expanded gaming floor.

Jake’s58 brings in around $350 million of revenue a month, and is one of the best-performing gambling venues in the state. The incident resulted in a three-day closure and an estimated loss of $2 million.

That’s dramatic, but far from 2023’s biggest cyber incident-led loss in the U.S casino sector. In early September, famous operators of Nevada casino venues Caesars Entertainment and MGM Resorts International were hit by serious cyberattacks.

MGM lost more than $100 million while it dealt with the outages at its casino properties nationwide. But Caesars Entertainment paid up a multimillion ransom to avoid disruption.

Although services are now restored at the giant Las Vegas casinos and beyond, both operators are facing lawsuits over the incident.

In addition to the Everi incident, the Westchester Medical Center Health Network was also hit by a cyberattack on the same day, although there is no indication they were related.

Earlier in 2023, U.S-facing, cryptocurrency-based offshore casino Stake.com was also hit by a massive hack in which it lost more than $40 million worth of various cryptocurrencies. That attacked turned out be perpetrated by North Korean-affiliated cybercriminals, according to the FBI.