Hackers Demand $1.5 Million from Top Las Vegas Hotel in Ransomware Attack

ShinyHunters claim to have stolen 800,000 employee records from Wynn Resorts

Published on Feb. 23, 2026

The infamous ransomware group ShinyHunters has allegedly breached the systems of Wynn Resorts, one of the top hotel and casino operators in Las Vegas. The hackers claim to have stolen over 800,000 employee records and are demanding a $1.5 million ransom to prevent the data from being leaked online.

Why it matters

This latest attack on a major Las Vegas hotel highlights the growing threat of ransomware groups targeting the hospitality industry. The stolen employee data could be used for a variety of malicious purposes, including identity theft and phishing scams, posing a significant risk to Wynn Resorts' staff. The incident also raises concerns about the cybersecurity measures in place at large hospitality companies.

The details

According to the hackers, they gained access to Wynn Resorts' systems in September 2025 through a vulnerability in the company's Oracle PeopleSoft software, using an employee's credentials. The group has shared a sample of the stolen data, which includes employees' full names, email addresses, phone numbers, positions, salaries, start dates, and birth dates. ShinyHunters is demanding 23.34 Bitcoin, approximately $1.55 million, to delete the stolen data and not release it on the dark web.

  • The breach allegedly occurred in September 2025.
  • The hackers have given Wynn Resorts a deadline of February 23, 2026, to pay the ransom.

The players

ShinyHunters

A prolific ransomware group that has targeted numerous organizations, including other major Las Vegas hotel and casino companies.

Wynn Resorts

A leading hotel and casino operator in Las Vegas, Nevada, known for its high-end properties and amenities.

What’s next

Wynn Resorts has not yet responded to the hackers' demands or confirmed the breach. The company will likely need to investigate the incident, assess the extent of the data breach, and determine the appropriate course of action to protect its employees and mitigate the impact of the attack.

The takeaway

This ransomware attack on Wynn Resorts underscores the growing threat of cybercrime targeting the hospitality industry. Companies in this sector must prioritize robust cybersecurity measures, including regular software updates, employee training, and incident response planning, to safeguard their operations and protect their employees' sensitive information.