In a significant development for the US gaming industry, Las Vegas authorities have apprehended a teenage suspect allegedly involved in a string of cyberattacks that rocked the Strip in 2023.
The attacks targeted some of the most prominent names in the casino world, MGM Resorts International and Caesars Entertainment, resulting in massive financial losses and operational chaos.
According to the Las Vegas Metropolitan Police Department, the suspect, who was 15 at the time of the attacks and is now 17, turned himself in to the Clark County Juvenile Detention Center in September 2025. He faces multiple charges, including extortion, conspiracy, and computer-related offenses.
The cyberattacks, which occurred between August and October 2023, were attributed to a sophisticated threat group known by aliases such as Scattered Spider, Octo Tempest, and UNC3944.
The Las Vegas Metropolitan Police Department’s LVMPD Cyber Investigative Group has arrested a teenage male juvenile in connection with a cyber-attack that occurred in 2023.
In 2023 a cyber threat-actor group targeted several Las Vegas casino properties between August and… pic.twitter.com/K5191m3wBw— LVMPD (@LVMPD) September 19, 2025
Fallout for the Casino Giants
Caesars Entertainment reportedly paid a $15 million ransom to the attackers in an attempt to mitigate further damage.
MGM Resorts, on the other hand, refused to pay, resulting in an estimated $200 million in losses, including the theft of over 65,000 Social Security numbers, according to prosecutors. MGM has since disputed the exact figure but acknowledged significant disruption.
The breach not only exposed sensitive customer data but also crippled hotel operations, including reservation systems, digital room keys, and slot machine functionality, highlighting the vulnerability of even the most technologically advanced casino operations.
Industry-Wide Wake-Up Call
These 2023 cyberattacks underscore the urgent need for enhanced cybersecurity protocols across the gaming and hospitality sectors. With casinos increasingly reliant on digital infrastructure, the incident serves as a stark reminder that cyber resilience is now as critical as physical security on the casino floor.
How Do Online Casinos Protect Their Players’ Sensitive Data?
Legal online casinos for US players safeguard their players from cyber threats by employing robust encryption, secure login systems, and regular security audits.
Licensed sites adhere to strict regulations set by gaming authorities and frequently collaborate with cybersecurity experts to monitor for risks such as hacking, phishing, and data breaches. These measures help ensure that players’ personal and financial information stays safe while they enjoy online gaming.
However, both domestic and all online gambling sites are susceptible to online attacks, but no more than any other online service that holds personal information online.