Casinos Under Fire: Boyd Gaming Faces Wave of Data Breach Lawsuits

/in /by

Data Breach Lawsuits Hit Boyd Gaming Amidst Growing Security Concerns in Online Casinos

An overview of the lawsuit reveals complex legal battles that frequently arise within the high-stakes world of global casinos.

  • Boyd Gaming is facing a class-action lawsuit following a cyberattack last month.
  • The lawsuit claims Boyd failed to adequately protect customer and employee data.

Las Vegas-based Boyd Gaming Corporation, publicly traded as BYD, is now confronting six federal lawsuits in Nevada originating from a cyberattack that occurred back in September, which compromised sensitive personal data.

Vegas office
Image by markusspiske from Pixabay

The lawsuits, initiated by four different law firms, assert that Boyd did not implement sufficient cybersecurity measures, hence allowing unauthorized access to sensitive information that the company legally needed to protect.

Class-Action Status Sought

Each lawsuit seeks class-action status, representing thousands of individuals, including both current and former employees and customers. The first lawsuit was filed by Scott Levy, a former Boyd employee residing in Las Vegas. Subsequently, five more individuals joined the legal action:

  • Deandric Price (Las Vegas)
  • Sherekia Price (Louisiana)
  • Larry Harris (Texas)
  • Patricia Tiedtke (Cincinnati)
  • Holly Neely (Location undisclosed)

What Boyd Acknowledges

On September 23, the company filed with the SEC, acknowledging that cybercriminals had accessed its systems and extracted data that included employee records and other sensitive information tied to a “limited number of other individuals.” Boyd stated it is notifying those affected and plans to report the breach to the appropriate regulators and government agencies as required.

“In response to the incident, Boyd quickly engaged leading cybersecurity experts and collaborated with federal law enforcement authorities,” the company mentioned in its filing. Furthermore, it emphasized that it holds a comprehensive cybersecurity insurance policy, which it expects will cover various associated costs, including incident responses, forensic investigations, legal actions, and any regulatory fines, all subject to policy limits and deductibles.

While several lawsuits claim the breach took place between September 5 and 7, Boyd has not yet confirmed the exact timeline, the extent of the data exposure, or whether a ransom was paid. The company maintains a policy of non-commenting on active litigation.

Boyd Gaming operates 11 local casinos in the Las Vegas Valley, three of which are situated in downtown Las Vegas, and has nearly a dozen other gaming establishments dispersed across ten states.

Summary

Boyd Gaming is currently embroiled in legal battles stemming from a significant data breach. The class-action lawsuits highlight allegations of insufficient data protection protocols, leading to compromised sensitive customer and employee data. As dozens of affected individuals come forward, Boyd is taking steps to address the issue while navigating the challenges of litigation.