Posted On February 21, 2023 Consumer Privacy & Data Breaches
February 21, 2023 – Rancho Mesquite Casino, now known as Eureka Casino Resort, filed a data breach notice with the Maine Attorney General on December 16, 2022 after learning of a ransomware attack on the company’s computer network. According to the filing, an unauthorized party encrypted the consumer information, including names and Social Security numbers. Once the data leak was confirmed, Eureka Casino notified all 229,299 individuals affected by the security breach by letter.
If you receive a data breach notification, you must understand what is at risk. The data breach lawyers at Console & Associates, P.C. are actively investigating the Eureka Casino data breach. As a part of this investigation, we are providing free consultations to anyone affected by the leak who wants to learn more about the risks of identity theft, what they can do to protect themselves, and what their legal options may be to obtain compensation from Eureka Casino Resort.
Eureka Casino Resort, owned by Rancho Mesquite Casino, is based in Mesquite, Nevada, employs over 631 people and generates approximately $124 million in revenue annually. As well as being owned by Rancho Mesquite Casino, Eureka used to be called Rancho Mesquite. The company renamed it Eureka Casino Resort in 2000. Some of the other businesses that Rancho Mesquite Casino owns are the Eureka Casino located in Las Vegas, Nevada, and The Brook in Seabrook, New Hampshire.
According to its filing with the Attorney General of Maine, Eureka Casino discovered a ransomware attack on November 9, 2022 when certain files on the company’s computer system were encrypted. The company sought help from a third-party cybersecurity firm in investigating the attack.
Eureka Casino confirmed the ransomware attack and that confidential consumer information had been accessed. The types of information exposed were consumer information like names and Social Security numbers.
On December 16, 2022, Eureka Casino sent notification letters informing all affected individuals of the attack and that their information had been compromised. Eureka Casino Resort sent a follow-up letter on February 16, 2023 reporting that 229,299 people had been compromised in the breach.
A ransomware attack is a cyberattack in which malicious software, or malware, is installed on a company’s computer system. This malware encrypts the data and prohibits the company from being able to access it. Encryption is a process where files on the system are encoded, and only those with the ability to decode them can access them.
Hackers will demand a fee, a ransom, to regain access to a company’s files, which is why it is referred to as ransomware. If the payment is made, usually the files will be unlocked, ending the attack.
However, some cyber criminals use a more malevolent approach to ensure the company pays for their data. If the organization has backups of the data, there is little reason for them to pay the fee. As a result, hackers may threaten to publish the information on the dark web if the company does not pay the ransom in what is known as “double extortion.”
The consumer privacy lawyers at Console & Associates, P.C. help customers affected by data and security breaches pursue legal solutions by offering free consultations. By explaining your rights in clear, concise terms, we help you make an informed decision about your next steps. If you are a victim of the Eureka Casino Resort data breach, Console & Associates, P.C. will investigate at no charge to you and offer advice on how to proceed. If you decide to pursue a case, rest assured that we don’t get paid unless you do. If your claim is successful, legal fees are either paid out of the funds recovered or by the defendant. If your claim is not successful, you pay nothing.
To schedule your free consultation, just call (866) 778-5500 today or fill out our secure contact form.
Below is a portion of the letter sent to affected individuals:
Dear [Redacted],
Eureka Casino Resort recognizes the importance of protecting our customers’ information. We are writing to inform you that we recently identified and addressed a security incident that involved some of your information. This notice explains the incident, measures we have taken, and additional steps you may consider taking in response.
On November 9, 2022, Eureka experienced a cybersecurity incident during which some of our systems were encrypted by an unauthorized actor. Upon discovering the incident, we immediately took steps to secure our systems, began an investigation, and a cybersecurity firm was engaged to assist. Although the investigation is ongoing, we identified certain data that the unauthorized actor accessed during the incident. On January 24, 2023, we determined that this dataset included some of your information. The types of data varied by individual, but generally may have included your [Redacted].
We encourage you to remain vigilant by reviewing your credit reports and account statements for any unauthorized activity. In the event you discover unauthorized activity, you should immediately contact the relevant credit bureau, financial institution, and law enforcement.
As an added precaution, we are also offering you a complimentary one-year membership of Experian’s® IdentityWorksSM Credit 3B. This product helps detect possible misuse of your personal information and provides you with identity protection services focused on immediate identification and resolution of identity theft. IdentityWorks Credit 3B is completely free to you and enrolling in this program will not hurt your credit score. For more information on identity theft prevention and IdentityWorks Credit 3B, including instructions on how to activate your complimentary one-year membership, please see the additional information provided in this letter.
We regret that this occurred and apologize for any inconvenience. To further protect personal information, we are implementing several changes to enhance our existing security measures. For more information on identity theft prevention, including instructions on how to activate your complimentary one-year membership, as well as some additional steps you may consider taking to help protect your personal information, please see the additional information provided in the following pages. Should you have any further questions or concerns regarding this matter, please contact 855-961-4662, Monday through Friday, between 8:00 a.m. to 8:00 p.m., Central Time.
