Wynn Resorts Confirms Employee Data Breach Following ShinyHunters Extortion Attempt
Learn More
Wynn Resorts, a Las Vegas-based luxury hotel and gaming operator, confirmed a data breach exposing employee records in February 2026.
The incident became public after the ShinyHunters threat group listed the company on its extortion site on February 20, 2026, issuing a warning for payment. The ShinyHunters group reportedly demanded a ransom of 22.34 Bitcoin, valued at approximately $1.5 million. Wynn has not confirmed a ransom payment but the hackers removed Wynn from its leak site after claiming the stolen data was deleted.
The compromised data includes:
- Social Security numbers (SSNs)
- Full names and birth dates
- Email addresses and phone numbers
- Job positions and start dates
- Salary information
The number of affected individuals is not disclosed.
The threat actor claims to have exfiltrated over 800,000 files. Wynn Resorts stated that the breach primarily affected employee records and found no evidence that guest data was compromised.
Wynn Resorts hired external cybersecurity experts to investigate and is providing 12 months of free credit monitoring and identity protection services to all affected employees. The company reported that its seven global resort properties remained fully operational with no disruption to guest services or business systems.
