A Wynn Resorts cyberattack has been confirmed, as the Las Vegas resort was the target of a significant data breach after a cybercriminal group known as ShinyHunters claimed to have exfiltrated sensitive information from the company. The public first learned of the attack when the resort operator was listed on the group’s data leak website in late February 2026. The hackers initially demanded a ransom of approximately 1.5 million dollars in Bitcoin and threatened to release over 800,000 records if their demands were not met.
According to company statements and cybersecurity reports, the cyberattack primarily targeted employee data rather than guest information. The compromised records reportedly include a wide range of personal data and information such as full names, email addresses, phone numbers, job positions, salaries, and Social Security numbers. This specific Wynn Resorts cyberattack appears to have originated as early as September 2025 by exploiting a vulnerability in the Oracle PeopleSoft platform used for human resources and payroll management.
Wynn officials stated that they activated incident response protocols immediately upon discovering the unauthorized access. The company emphasized that the attack has had no impact on its guest experience, physical properties, or daily operations, which remain fully functional. In a notable update, the company mentioned that the unauthorized third party has since stated the stolen data has been deleted. While Wynn has not confirmed if a ransom was paid, the removal of the company from the hackers’ leak site often suggests a completed negotiation following the attack.
Despite assurances that the data was deleted, cybersecurity experts warn that there is no reliable way to verify such claims, as threat actors often retain copies of stolen information. In response to the potential exposure caused by the Wynn Resorts cyberattack, the company is offering credit monitoring and identity protection services to the affected employees.
The Wynn Resorts cyberattack has also triggered legal consequences, as the company now faces federal class-action lawsuits filed in Nevada. These legal filings allege negligence, claiming the company failed to adequately protect sensitive payroll and individual data from the cyberattack. Plaintiffs seek damages and a jury trial, arguing that the exposure puts thousands of individuals at risk of identity theft. This incident follows a pattern of high-profile attacks on the Las Vegas gaming industry, serving as a reminder of the persistent threats highlighted by the Wynn Resorts cyberattack.
