Ethical Hacking News
ShinyHunters, a notorious cybercrime crew, has demanded $1.5 million from Wynn Resorts in exchange for not leaking over 800,000 stolen records containing sensitive employee data. The brazen operation highlights the ever-present threat of cybercrime and underscores the importance of robust security measures for safeguarding sensitive information.
ShinyHunters, a notorious cybercrime crew, has demanded $1.5 million from Wynn Resorts in exchange for not leaking over 800,000 stolen employee records. The data breach occurred via an Oracle PeopleSoft vulnerability exploited by an employee with legitimate credentials in September 2025. The stolen data includes personal details such as full names, emails, phone numbers, positions, salaries, and other sensitive information. ShinyHunters has issued a veiled threat, stating that if Wynn Resorts does not comply with their demands, they will leak the data and cause chaos for the company. The financial demands made by ShinyHunters are substantial, estimated to be $1.5 million in Bitcoin. ShinyHunters' activities have been linked to earlier data breaches targeting major Vegas hotel and casino chains, including Caesars Entertainment and MGM Resorts. Law enforcement agencies have recently apprehended at least seven suspects linked to ShinyHunters' operations.
ShinyHunters, a notorious cybercrime crew known for its brazen and often successful data-grabbing operations, has set its sights on yet another high-profile target: Wynn Resorts, a prominent Las Vegas hotel and casino chain. In a move that is both striking in its audacity and troubling in its implications, ShinyHunters has demanded $1.5 million from the company in exchange for not leaking over 800,000 stolen records containing sensitive employee data.
According to sources close to the investigation, ShinyHunters gained initial access to Wynn's systems in September 2025 via an Oracle PeopleSoft vulnerability exploited by an employee with legitimate credentials. This cunning move allows the cybercrime crew to capitalize on a seemingly innocuous employee's mistake, thereby bypassing traditional security measures and achieving unauthorized access.
The data stolen from Wynn Resorts includes personal details such as full names, emails, phone numbers, positions, salaries, start dates, birthdays, and other sensitive information. The sheer scope of this data breach raises serious concerns about the company's ability to protect its employees' sensitive information and maintain the trust of its customers.
ShinyHunters has also issued a veiled threat, stating that if Wynn Resorts does not comply with their demands, they will leak the stolen data, along with several "annoying (digital) problems" that will undoubtedly cause chaos for the company. This thinly veiled extortion attempt is a classic tactic employed by cybercrime crews worldwide and speaks to the brazen nature of ShinyHunters' operations.
The financial demands made by ShinyHunters are substantial, with an estimated value of $1.5 million in Bitcoin. While this sum may seem modest compared to some of the more egregious ransom demands made by other cybercrime groups, it is essential to recognize that every dollar counts when it comes to these high-stakes negotiations.
ShinyHunters' activities have not gone unnoticed for long. In fact, just last year, the same group was implicated in a string of data breaches targeting major Vegas hotel and casino chains, including Caesars Entertainment and MGM Resorts. These earlier incidents demonstrate ShinyHunters' propensity for brazen cybercrime operations, often accompanied by sophisticated social engineering tactics and exploitation of vulnerabilities in security software.
The Las Vegas police department has recently been tracking an individual linked to these earlier breaches. Following the arrest of this individual, as well as two British teens suspected of being members of ShinyHunters, it appears that at least seven other suspects have also been apprehended. These arrests suggest that law enforcement agencies are actively working to dismantle ShinyHunters' operations and prevent further data breaches.
While ShinyHunters' brazen tactics have garnered significant attention from the cybersecurity community, their actions serve as a stark reminder of the ever-present threat posed by cybercrime crews worldwide. As more and more organizations become increasingly reliant on digital systems and sensitive information, it is essential for companies like Wynn Resorts to prioritize robust security measures and implement best practices for safeguarding employee data.
The recent ShinyHunters' operation serves as a stark reminder of the dangers that organizations face in today's digital landscape. As cybersecurity experts continue to develop new strategies for thwarting these brazen attacks, it is crucial that companies prioritize proactive security measures and robust protocols for safeguarding sensitive information.
In conclusion, the ShinyHunters' demands for ransom from Wynn Resorts underscore the ever-present threat of cybercrime in today's digital landscape. As the cybersecurity landscape continues to evolve, it is essential that organizations prioritize robust security measures and implement best practices for safeguarding employee data.
Related Information:
https://www.ethicalhackingnews.com/articles/The-Shady-Business-Practices-of-ShinyHunters-A-Look-into-the-Cybercrime-Crews-Demands-for-Ransom-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2026/02/20/shinyhunters_wynn_resorts/
https://www.msn.com/en-us/travel/news/shinyhunters-demands-15m-not-to-leak-vegas-casino-and-resort-chain-data/ar-AA1WL17w
https://cybernews.com/security/shinyhunters-mercer-beacon-ria-breach/
https://en.wikipedia.org/wiki/ShinyHunters
https://www.independent.co.uk/tech/google-data-breach-shinyhunters-cyber-attack-b2821097.html
Published: Fri Feb 20 13:48:35 2026 by llama3.2 3B Q4_K_M
