The Nevada Gaming Control Board’s website has fallen victim to a cyberattack, causing it to be offline for several days. The cyberattack targeted both the Nevada Gaming Control Board and the Nevada Gaming Commission, which are responsible for regulating the state’s gaming industry. The affected website contained important information such as agency meeting agendas, gaming regulations, press releases, public statistics, contact details, and biographies of board and commission members. Fortunately, gaming license details and financial records were stored on a separate internal state agency system, avoiding exposure to the cyberattack.
The Nevada Gaming Control Board has taken immediate steps to mitigate the damage, including collaborating with cybersecurity experts to assess the situation and preparing to publish a temporary website for access to information. While the cyberattack exclusively targeted the gaming control board’s website, other state agencies have not reported any impact and continue to operate normally. The Nevada Gaming Commission’s monthly meeting proceeded as scheduled, without any mention of the incident.
This cyberattack comes after high-profile attacks on major casino operators in Nevada, including MGM Resorts International and Caesars Entertainment, last September. These attacks resulted in significant financial losses and reputational damage to the affected companies. Customers of Caesars Entertainment and MGM Resorts International have initiated five class-action lawsuits in Nevada District Court, alleging that the companies neglected to safeguard crucial customer data during the cyberattacks, contravening Federal Trade Commission guidelines.
In response to cyber threats, Nevada lawmakers approved funds for upgrading the Nevada Gaming Control Board’s information technology system in June. This move aimed to replace the outdated system from the 1980s with a more secure and efficient system. Stakeholders express optimism that ongoing inquiries into the recent cyberattack will lead to actions to strengthen the cybersecurity framework and protect essential state operations from future disruptions.