Two more class action lawsuits have been filed in US District Court in Nevada against Wynn Resorts Ltd. in connection with a cyber attack data breach on Friday, claiming the casino company did not do enough to protect customers’ private information.
The Las Vegas-based luxury resort company on Tuesday acknowledged the attack, but a spokesman said it has ensured that the stolen data has been deleted.
The hacking extortion group calling itself ShinyHunters had set a Monday deadline for payment of a ransom and threatened to release all or some of the 800,000 files it allegedly stole from the company that contained the full names, emails, phone numbers, job titles, salaries, start dates, birthdays and other personal information of Wynn Resorts employees.
Wynn officials say they won’t comment beyond an emailed statement issued Tuesday, and the company says it won’t say whether it has paid any ransom. The company does not routinely comment on ongoing litigation.
There has been no indication that customer information was stolen from Wynn’s databases.
Despite that, three class actions have been brought to the district court, the first of which was filed the day after the attack. Since then, two more similar complaints were filed Tuesday by Henderson resident Drake Maynard and Las Vegas resident Tyrone Li. The first lawsuit was filed Saturday by California resident Richard Reed. All lawsuits are filed on behalf of all others in a similar manner to Wynn customers.
The two new complaints were filed by the same Las Vegas law firm, Stranch, Jennings & Garvey Pllc. The seven complaints allege negligence, per se negligence, unjust enrichment, invasion of privacy, breach of fiduciary duty and breach of implied contract and seek a declaratory judgment.
According to the lawsuit, despite having the financial resources and personnel necessary to prevent the data breach, Wynn “nevertheless failed to employ reasonable security procedures and practices appropriate to the nature of the sensitive, unencrypted information it maintained for Plaintiffs and Class Members, causing the exposure of Plaintiffs’ and Class Members’ private information.”
–
