Wynn Resorts Says 21,000 Employees Affected by ShinyHunters Hack

Wynn Resorts confirmed in late February that hackers had obtained employee data - including SSNs.

The hackers had reportedly sought a ransom of more than 22 bitcoin (roughly $1.5 million).

#Wynn #ransom #shinyhunters #dataleak #databreach #security #cybersecurity #hackers #hacking #hacked

https://www.securityweek.com/wynn-resorts-says-21000-employees-affected-by-shinyhunters-hack/

When people keep advising victims not to pay ransom because threat actors can't be trusted to really delete all the data, my inner researcher kicks in and wants to know how often that really happens.

So I started sending out inquiries.

Now you might think that those who publicly and repeatedly urge journalists to "spread the word" not to pay would respond and share some of their experiences with untrustworthy threat actors, but no..... they didn't even respond.

Read about the replies I did get, because they really surprised me.

I have no doubt that some professionals will hate what I have reported, but then, perhaps they should have responded, too, if they think differently.

How often do threat actors default on promises to delete data?
https://databreaches.net/2026/04/05/how-often-do-threat-actors-default-on-promises-to-delete-data/

#databreach #incidentresponse #ransom

@zackwhittaker @campuscodi @euroinfosec @lawrenceabrams @jgreig @securityaffairs @Hackread @h4ckernews

I am a big fan of BakerHostetler's annual data security incident response reports because they are based on actual client experiences and data.

I just posted about their 2026 report, and commented on their healthcare sector data. As I had mentioned to @siguza, healthcare breaches tend to get higher ransom demands and higher settlements. Take a look at the 2025 data -- the highest initial ransom demand for a health entity client was $98M.

I'd love to know who the victim was and what TA or group demanded that much.

That said, the highest ransom actually paid for a healthcare sector breach by one of their clients last year was $5M.

Big delta.

My post: https://databreaches.net/2026/04/03/bakerhostetlers-2026-report-findings-from-1250-clients-breach-experiences-in-2025/

#ransomware #healthsec #incidentresponse #statistics #phishing #ransom #malware #databreach #cybersecurity

@campuscodi @amvinfe

Cyber sleuths uncover nefarious techniques to take malware (dubbed Omnistealer) posted in GitHub and use social engineering techniques to get it embedded into blockchains where the malware may be stored forever and make it difficult to root out as the chains grow.

"Hiding malicious payloads within blockchain has become an emerging obfuscation technique."

Omnistealer is capable of stealing cryptocurrency, passwords and privileged credentials for accessing an organization's information. https://www.pcmag.com/news/malware-is-sleeping-on-the-blockchain-and-its-already-infected-dozens-of #CyberSecurity #Ransom-ISAC #Security #CyberAttack #Malware #BlockChain #GitHub #FakeJobs #FakeRecruiters #JobInterviews #OmniStealer #Cyber #SocialEngineering

DATE: March 26, 2026 at 07:27AM
SOURCE: HEALTHCARE INFO SECURITY

Direct article link at end of text block below.

How #CyberAttack, #Ransom, #DataBreach Trends Are Evolving: @BakerHostetler Annual Threat Report Spotlights Latest Trendshttps://www.healthcareinfosecurity.com/how-attack-ransom-breach-trends-are-evolving-a-31182

Here are any URLs found in the article text:

https://www.healthcareinfosecurity.com/how-attack-ransom-breach-trends-are-evolving-a-31182

Articles can be found by scrolling down the page at https://www.healthcareinfosecurity.com/ under the title "Latest"

-------------------------------------------------

Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org

Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

-------------------------------------------------

#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

Most of us have probably read that one reason not to pay threat actors is that they cannot be trusted to keep their word to delete data they have exfiltrated. But how often does that actually occur?

I have sent inquiries to a number of incident response/negotiation firms and the DOJ. If I did not send one to your firm and your firm handles a lot of negotiations and payments, please accept my apologies for not having contacted you, and answer the following question (either publicly or via a private message to me):

In what percentage of cases where payment was made to delete data, did threat actors break their word and not delete it?

Please feel free to share this post with others here and elsewhere to boost my chances of getting additional responses/estimates. Thank you all.

#incidentresponse #ransom #extortion #ransomware #databreach