Nevada’s Governor’s Technology Office is warning businesses and casino operators statewide to heighten their defenses against a surge in phishing and vishing attacks, following a data breach at Wynn Resorts that exposed records for more than 800,000 current and former employees.
The Nevada Gaming Control Board forwarded the Cybersecurity Notice to licensees, urging heightened vigilance across daily operations. The notice, issued by Adam Miller, deputy director of the Office of Information Security & Cyber Defense, cited a rise in incidents across organizations in critical Nevada industries. Phishing typically uses deceptive emails, texts, or links to steal credentials; vishing relies on phone calls or voicemail to impersonate trusted executives, vendors, or IT contacts.
“This is especially important when handling requests involving account access, password resets, wire transfers, changes to payment instructions, sensitive records, or any action that relies on identity verification,” according to a Cybersecurity Notice issued by the Governor’s Technology Office.
“Please do not take shortcuts in authentication or verification processes. A request that appears urgent, routine, or familiar may still be fraudulent. Attackers often rely on urgency, impersonation, and human trust to bypass normal controls,” the notice said.
The Technology Office specifically flagged human resources departments and casino personnel who handle confidential information as high-risk targets. Organizations are encouraged to implement two-step or multi-factor authentication and to review internal procedures for account and network verification.
The warning follows the Wynn Resorts breach, in which the hacking group ShinyHunters claimed to have stolen roughly 800,000 employee records — including names, Social Security numbers, salaries, and birthdates — and demanded $1.5 million in Bitcoin. Wynn confirmed the breach and said the attackers subsequently claimed to have deleted the stolen data; the company is offering credit monitoring to affected employees. The incident echoes 2023 cyberattacks on Caesars Entertainment and MGM Resorts, the latter of which suffered an estimated $100 million in operational disruptions.