Regulator: Investigation into Sands hack ongoing (Update)February 13, 2014 by Hannah Dreier in Technology / Security
A Nevada gambling regulator said Thursday afternoon that it's unclear whether the hackers who knocked down all of Las Vegas Sands Corp.'s websites for three days and counting had stolen patron data, including credit card information.
Nevada Gaming Control Board chairman A.G. Burnett said regulators' first priority after the world's largest casino operator was hacked Monday was to ensure the safety of player information and the integrity of the gambling systems.
Burnett said Sands officials told him that preliminary indications suggested these two areas had not been breached, but the company was continuing to investigate. He amended his statement earlier in the day, when he said player information had not been compromised.
Las Vegas-based casino operator Affinity Gaming announced in December that its credit-card transactions had been hacked and warned its 300,000 customers to take steps to protect themselves from identity theft.
Sands spokesman Ron Reese declined to discuss whether credit card information was breached in the hacking, and instead pointed to a statement the company made Wednesday saying it was working through a step-by-step process to ascertain what systems had been impacted.
The damage the hacking has done goes beyond the defaced websites, which Sands took down Tuesday morning. Email wasn't functioning and company employees remain unable to log into their work computers.
Gaming regulators are now working to ensure Sands did everything possible to protect employee information. The hackers, whose identities remain unknown, posted Social Security numbers on the Sands sites. The information belonged to employees of Sands' Bethlehem, Pennsylvania, casino.
Sands employs about 5,000 people around the world.
© 2014 The Associated Press. All rights reserved.
"Regulator: Investigation into Sands hack ongoing (Update)" February 13, 2014 http://phys.org/news/2014-02-sands-hackers-didnt-credit-cards.html