Excerpt from CyberInsider Article, Published on September 24, 2025
Boyd Gaming Corporation, a major operator in the US casino and hotel sector, disclosed a recent cybersecurity incident involving unauthorized access to its internal IT systems. This breach led to the exfiltration of sensitive data, primarily concerning employees and some other individuals. Although Boyd has not specified the timeline of the breach or its discovery, the company promptly engaged external cybersecurity experts and notified federal law enforcement to address the situation.
The incident did not impact Boyd’s properties or its business operations, ensuring continuity. However, the attackers removed various undisclosed types of data, including key employee information and limited non-employee details. Boyd is actively notifying affected individuals and regulators to meet legal obligations.
As a leading player with 28 gaming properties across 10 states, Boyd maintains a comprehensive cybersecurity insurance policy. This insurance is expected to cover the costs of incident response, forensic investigations, regulatory fines, and possible business disruptions.
The hospitality and casino industry has recently faced significant cyber threats, with notable incidents such as ransomware attacks at MGM Resorts and Caesars in 2023. Boyd has not linked this breach to any specific threat actor yet. The company has assured investors that the breach will not materially affect its financial health or operations.
Employees and third parties linked to Boyd should be vigilant against phishing attempts and unauthorized communications. They are advised to reset passwords for Boyd accounts and monitor their personal accounts closely for suspicious activity.
To delve deeper into this topic, visit CyberInsider.
