Oyo Hotel & CasinoSummary:

  • A data breach at OYO Hotel & Casino in early January affected 4,741 people.
  • The incident, reported in September, involved unauthorized access to Paragon Tropicana Inc.’s network.
  • OYO joins other Las Vegas casinos recently targeted by major hacking groups.

OYO Hotel & Casino Las Vegas experienced a cyberattack earlier this year that may have exposed personal data belonging to more than 4,700 people, as per documents filed with the Maine Attorney General’s Office.

The breach, says 8 News Now, occurred between January 8 and January 11, affecting 4,741 individuals. However, it was only officially reported approximately eight months later.

“Unusual Activity” in the Hotel & Casino’s Shared Network

In a notification letter sent on October 9, Paragon Tropicana Inc. (PTI), a subsidiary of Paragon Gaming, which operates the casino located off The Strip near Koval Lane, told affected individuals that

on or around January 11, the company was informed of unusual activity in the hotel and casino’s shared network environment.

The casino, that is under the ownership of OYO Hotels and Highgate Hotels, initiated an investigation into the incident, eventually confirming that some PTI data had likely been stolen.

The breach was classified as an “external system breach (hacking)” and was officially reported on September 18, roughly eight months after the incident took place.

Following the discovery, PTI began a thorough review to determine which personal details were compromised. That review concluded in September. It’s not yet clear what type of information was accessed, but those affected have been notified.

Not the Only Victim

OYO is not the only Las Vegas casino to deal with a cyberattack in recent years. For example, in 2023, a group of hackers known as under various names like Scattered Spider, Octo Tempest or UNC3944, targeted Caesars and MGM.

Caesars reportedly paid approximately $15 million to the hackers after receiving threats. However, MGM Resorts did not follow suit, and their refusal to pay eventually triggered major financial and operational fallout.

According to Clark County Chief Deputy District Attorney Summer Clarke, the attack resulted in the theft of more than 65,000 Social Security numbers and losses exceeding $200 million. MGM later disputed that figure, citing an SEC filing that placed the impact closer to $110 million.

About the Author

Author Sadonna Price has been part of the online casino industry for over a decade, watching it develop and expand across the US. She enjoys playing online slots and table games, as well as Texas Hold’em.