Las Vegas-based Boyd Gaming said a cyberattack netted data from the casino company and information about individuals, but didn’t affect operations, according to a filing with the Securities and Exchange Commission.
The filing said Boyd recently experienced a cybersecurity incident in which “an unauthorized third party accessed our internal IT system. The cybersecurity incident has had no impact on the company’s properties or business operations.”
The company, however, said it has determined that the unauthorized third party “removed certain data from the company’s IT systems, including information about employees and a limited number of other individuals. The company is notifying impacted individuals and has notified or will notify its various regulators and other governmental agencies as required.” Boyd didn’t specify who the other individuals were.
Upon detecting the incident, Boyd said in the filing that it promptly took steps to respond to the incident with the assistance of leading external cybersecurity experts and in cooperation with federal law-enforcement authorities.
“As of the date of this filing, the company believes that the incident will not have a material adverse effect on the company’s financial condition or results of operations,” the filing said. “The company maintains a comprehensive cybersecurity insurance policy, which we expect will cover costs associated with incident response and forensic investigations, as well as business interruptions, legal actions, and regulatory fines, if any, subject to policy limits and deductibles.”
