Wynn Resorts takes attacker’s word for it that stolen staff data was deleted

Steven

Wynn Resorts takes attacker’s word for it that stolen staff data was deleted

Summary

Wynn Resorts has confirmed that an unauthorised third party stole employee data and says the attacker told the company the data has been deleted. The company activated incident response protocols and is working with external cybersecurity advisers; it reports no evidence so far that the data has been published or misused and says hotel operations were unaffected.

Security experts told The Register the claim of deletion is suspicious and often indicates either a ransom payment or an extortion negotiation, because there is no reliable way to verify deletion—or prevent copies being retained or shared later. Wynn is offering free credit monitoring and identity protection to staff while it continues to investigate.

The breach was claimed by the ShinyHunters gang, which said it exploited an Oracle PeopleSoft vulnerability and used a staffer’s credentials, with the group asserting the intrusion dated back to September 2025. A sample of the stolen records shared with The Register appeared to include full names, emails, phone numbers, job roles, salaries, start dates and dates of birth.

Key Points

  • Wynn confirms employee data was stolen and says the attacker claims the stolen data has been deleted.
  • External cyber experts are assisting Wynn; the company reports no sign yet of published misuse and no operational impact.
  • Security pros warn attacker assurances of deletion are unreliable and commonly follow extortion negotiations or ransom payments.
  • Wynn is offering staff free credit monitoring and identity protection as a precautionary measure.
  • ShinyHunters claims it exploited an Oracle PeopleSoft vulnerability and used compromised staff credentials; sample data appears to include sensitive personal details.

Why should I read this?

Short version: a big-name hotel chain is taking a criminal’s word that stolen staff data was deleted — and security folk say that’s a lousy bet. If you care about breach response, extortion signals, or employee data exposure (and you should), this story saves you the time of wading through the noise.

Source

Source: https://go.theregister.com/feed/www.theregister.com/2026/02/25/wynn_resorts_shinyhunters/