We’ve told you about the new SEC rules requiring disclosure by public companies of material cyber attacks within four business days. The rules are still being phased in, but Caesars Entertainment appeared to be proactive after its recent social-engineering breach that disclosed the driver’s license and/or social security numbers of loyalty program members. The attack came days after what appears to be a more damaging attack on MGM Resorts.
Below are some excerpts from the 8K filing.
The company says it doesn’t know if its losses will be covered by cyber insurance.
This statement implies to us that Caesars is paying a ransom to get the stolen date deleted.
More info from the form:
