We have no evidence to date that any member passwords/PINs, bank account information, or payment card information (PCI) were acquired by the unauthorized actor,' the company stated in SEC filing.Ĭaesars said it has taken steps to ensure, but could not guarantee, that the unauthorized actor is erasing the data it acquired, but did not describe those steps. 'We determined that the unauthorized actor acquired a copy of, among other data, our loyalty program database, which includes driver’s license numbers and/or social security numbers for a significant number of members in the database. A social engineering attack basically tricks an individual into giving away access, or information that allows access to a secure system. Securities and Exchange Commission that it discovered the breach followed a 'social engineering attack' on one of its outsourced IT support vendors. The Associated Press reports it is not clear who is responsible for the attack on Caesars, whether Caesars paid a ransom to the attacker or whether the same party is believed to have attacked MGM. and managed to obtain personal information of many of its customers. Just prior to the MGM cyberattack, an 'unknown actor' attacked Caesars Entertainment Inc. MGM Resorts SeptemCaesars Entertainment also suffered cyberattack