Rivers Casino Des Plaines, located in Illinois, is confronting a proposed class-action lawsuit stemming from a cyberattack in August that exposed the personal information of thousands of individuals.
Rivers Casino Lawsuit Highlights Security Gaps and Potential Identity Theft Dangers
Lead plaintiff Michael Glebiv, among over 100 individuals already included in the class action, claims that he would not have entrusted his personal information to Rivers Casino had he been aware of the inadequate data security measures in place.
The cyberattack, occurring around August 12 but only discovered in early November, targeted Rivers Casino Des Plaines’ IT network. The compromised information includes employee and patron names, along with sensitive data such as addresses, dates of birth, Social Security and passport numbers.
While the casino asserts that the cyberattack did not disrupt its operations, a cybersecurity firm investigating the breach emphasizes the potential risks of identity theft due to the stolen personal information.
The class-action lawsuit comprises five counts, encompassing negligence, negligence per se, breach of implied contract, unjust enrichment, and violation of the Illinois Consumer Fraud Act.
The lawsuit contends that the casino was aware of the value of the unprotected personally identifiable information it held, making it a prime target for cybercriminals seeking unauthorized access to monetize the stolen data.
Rivers Casino Assists Plaintiffs and Offers Identity Protection
Rush Street Gaming, the Chicago-based parent company of Rivers Casino, has not yet issued a legal response to the allegations. However, the company maintains that it employs robust security protocols and promptly took steps to contain and secure its systems upon detecting the cyberattack.
Despite the casino’s assurances that there is no indication of financial fraud or identity theft linked to the incident, complimentary identity monitoring and protection services are being offered to potentially impacted individuals.
As the lawsuit unfolds, Rivers Casino Des Plaines is actively assisting the affected plaintiffs in the class action, providing services such as placing Fraud Alerts and Security Freezes on credit files, as well as offering dedicated and confidential support through a toll-free response line.
This legal action follows Rivers Casino’s belated revelation of the data breach in November, nearly three months after the cyberattack occurred. Unlike similar incidents affecting MGM Resorts and Caesars Entertainment, Rivers Casino did not receive an immediate ransom demand.
Customers of Caesars Entertainment and MGM Resorts International have also filed five class-action lawsuits in Nevada District Court, alleging that the casino giants failed to protect important customer data during the cyberattacks.
The plaintiffs claim that the companies were aware of the significance of consumer data but did not adhere to Federal Trade Commission guidelines, potentially exposing affected customers to a heightened risk of identity theft. The lawsuits seek compensation for the perceived lack of diligence.