GITNUXREPORT 2026

Cybersecurity In The Casino Industry Statistics

Major casinos face escalating and costly cyber attacks demanding urgent industry investment.

Min-ji Park

Min-ji Park

Research Analyst focused on sustainability and consumer trends.

First published: Feb 13, 2026

Our Commitment to Accuracy

Rigorous fact-checking · Reputable sources · Regular updatesLearn more

Key Statistics

Statistic 1

In 2023, MGM Resorts International suffered a ransomware attack by the ALPHV/BlackCat group, leading to a 10-day operational shutdown across multiple properties

Statistic 2

Caesars Entertainment paid approximately $15 million in Bitcoin ransom to Scattered Spider hackers in 2023 to restore systems

Statistic 3

Over 60% of online casino platforms reported DDoS attacks in 2022, averaging 2.5 attacks per month per site

Statistic 4

In Q1 2024, phishing attempts targeting casino employees increased by 45% year-over-year

Statistic 5

1,200 gaming websites were hit by malware campaigns in 2023, compromising user data

Statistic 6

Ransomware incidents in the gaming sector rose 150% from 2021 to 2023

Statistic 7

73% of casino cyber breaches in 2022 involved insider threats

Statistic 8

Australia’s Crown Resorts faced a data breach exposing 30 million customer records in 2017

Statistic 9

40% of Las Vegas Strip casinos experienced attempted hacks during Super Bowl 2024 weekend

Statistic 10

BetMGM reported a 300% spike in credential stuffing attacks in 2023

Statistic 11

In 2023, the casino industry saw 250+ reported data breaches affecting 5.2 million records

Statistic 12

DDoS attacks on iGaming sites peaked at 1.5 Tbps in 2023

Statistic 13

55% of attacks on casinos used social engineering tactics in 2024

Statistic 14

Las Vegas casinos blocked 2.4 billion suspicious login attempts in 2023

Statistic 15

28 major ransomware groups targeted gambling firms in 2023

Statistic 16

In 2022, 15% of global casino hacks originated from Eastern Europe

Statistic 17

In 2023, 42% of casino DDoS attacks lasted over 24 hours, disrupting peak hours

Statistic 18

Social Spider group claimed 12 casino breaches in 2023 alone

Statistic 19

35% of attacks exploited casino loyalty app vulnerabilities

Statistic 20

Mobile betting apps saw 120% rise in man-in-the-middle attacks

Statistic 21

18% of breaches involved stolen casino vendor credentials

Statistic 22

Cryptojacking hit 25 casino cloud instances in 2023

Statistic 23

Supply chain attacks via casino software providers up 90%

Statistic 24

62% of incidents traced to nation-state actors probing casinos

Statistic 25

Fake casino apps downloaded 5 million times harbored malware

Statistic 26

Insider data theft rose 22% amid economic pressures in 2023

Statistic 27

92% of US casinos have implemented multi-factor authentication (MFA) by 2024

Statistic 28

65% of European casinos use AI-driven threat detection systems as of 2023

Statistic 29

Investment in casino cybersecurity rose 28% to $1.2 billion globally in 2023

Statistic 30

80% of major casinos now employ 24/7 SOC teams post-MGM attack

Statistic 31

Endpoint detection tools cover 75% of casino employee devices in 2024

Statistic 32

Zero-trust architecture adopted by 45% of online gambling operators

Statistic 33

55% of casinos conduct quarterly penetration testing

Statistic 34

Blockchain for transaction security implemented in 30% of crypto casinos

Statistic 35

Employee cybersecurity training completion rate at 88% in top-tier casinos

Statistic 36

SIEM systems integrated in 70% of casino IT infrastructures by 2024

Statistic 37

Quantum-resistant encryption piloted in 12% of high-stakes casinos

Statistic 38

95% reduction in phishing success after MFA rollout in tested casinos

Statistic 39

Incident response plans updated annually in 82% of Nevada properties

Statistic 40

AI anomaly detection reduced false positives by 60% in casino networks

Statistic 41

67% of casinos use EDR tools on critical systems

Statistic 42

85% of casinos use AI-based fraud detection scoring 95% accuracy

Statistic 43

60% adoption of behavioral biometrics for player authentication

Statistic 44

Cloud security posture management tools in 50% of hybrid casinos

Statistic 45

77% conduct AI-simulated red team exercises yearly

Statistic 46

Privileged access management (PAM) covers 68% critical assets

Statistic 47

40% of casinos integrated DeceptionGrid honeypots by 2024

Statistic 48

Data loss prevention (DLP) tools block 99% sensitive exfil attempts

Statistic 49

52% use secure access service edge (SASE) for remote ops

Statistic 50

Vulnerability management automation scans daily in 65% sites

Statistic 51

89% employee phishing simulation success rate improved to 92%

Statistic 52

SOC-as-a-Service contracted by 35% smaller casinos

Statistic 53

Ransomware backup air-gapping implemented in 80% enterprises

Statistic 54

MGM hack led to $100 million in direct losses from downtime in 2023

Statistic 55

Average cost of a casino data breach reached $4.5 million in 2023

Statistic 56

Caesars breach resulted in $4.7 million SEC disclosure fine in 2024

Statistic 57

UK gambling firms lost £1.2 billion to cyber fraud in 2023

Statistic 58

Ransomware recovery costs for casinos averaged $1.8 million per incident in 2023

Statistic 59

2023 cyber incidents caused 12% revenue drop for affected Nevada casinos

Statistic 60

Global iGaming sector cyber losses totaled $2.5 billion in 2023

Statistic 61

Downtime from MGM attack cost $30 million daily in lost reservations

Statistic 62

65% of breached casinos faced lawsuits costing average $2.1 million

Statistic 63

Australian casinos reported $500 million in cyber-related insurance claims 2022-2023

Statistic 64

Bonus abuse fraud schemes drained $800 million from online casinos in 2023

Statistic 65

22% increase in cyber insurance premiums for casinos post-2023 attacks

Statistic 66

Lost player trust post-breach led to 18% churn rate in affected casinos

Statistic 67

Total cyber fraud in US casinos hit $1.1 billion in 2023

Statistic 68

Average ransomware demand to casinos hit $5.2 million in 2023

Statistic 69

Post-breach stock drops averaged 7.4% for listed casino firms

Statistic 70

Remediation costs consumed 15% of IT budgets in breached casinos

Statistic 71

$300 million in fraudulent withdrawals from online casinos in 2023

Statistic 72

Notification costs per breach averaged $450k for large casinos

Statistic 73

20% long-term revenue loss from reputational damage post-attack

Statistic 74

Insurance deductibles rose to $10 million for high-risk casinos

Statistic 75

Chargeback fraud cost online casinos $650 million in 2023

Statistic 76

Legal settlements from class actions totaled $200 million in 2023

Statistic 77

Operational downtime equated to $50k per hour for mid-size casinos

Statistic 78

GDPR compliance achieved by 78% of EU casinos by 2023

Statistic 79

US states with casino cyber regs increased from 5 to 22 between 2020-2024

Statistic 80

85% of casinos fined for non-compliance averaged $500k penalties in 2023

Statistic 81

ISO 27001 certification held by 40% of global casino operators

Statistic 82

PCI DSS Level 1 compliance in 92% of payment-processing casinos

Statistic 83

Cyber disclosure mandates now apply to 60% of publicly traded casinos

Statistic 84

50% growth in casino cyber insurance policies from 2022-2024

Statistic 85

UK Gambling Commission audits 100% of licensees for cyber risks annually

Statistic 86

35% of casinos lag in NIST CSF implementation per 2024 audit

Statistic 87

Ransomware negotiation banned in 15 jurisdictions for casinos

Statistic 88

72% of casinos report to CISA within 72 hours post-breach as required

Statistic 89

Third-party risk management regs enforced in 55% of markets

Statistic 90

Projected 25% annual growth in casino cyber spending through 2028

Statistic 91

90% of regulators now require cyber drills for license renewal

Statistic 92

Asia-Pacific casinos face new data localization laws covering 45% of market

Statistic 93

CCPA compliance fines avoided by 95% California casinos via audits

Statistic 94

62% of regulators mandate AI ethics in cyber defenses for casinos

Statistic 95

Cyber maturity model assessments required for 70% licenses

Statistic 96

28% rise in cross-border data sharing regs for international casinos

Statistic 97

SOC 2 Type II reports audited annually in 55% vendors

Statistic 98

75% of casino slots use outdated Windows XP, vulnerable to exploits

Statistic 99

82% of casino networks have unpatched legacy systems exposing them to ransomware

Statistic 100

IoT devices in casinos, like smart locks, have 40% default credentials unchanged

Statistic 101

60% of online casino apps fail basic OWASP security tests

Statistic 102

Casino surveillance cameras run on insecure protocols in 55% of properties

Statistic 103

45% of casino payment gateways lack proper tokenization

Statistic 104

Third-party vendor breaches account for 68% of casino vulnerabilities

Statistic 105

90% of casino ATMs use weak encryption standards like SSLv3

Statistic 106

Slot machine networks often lack network segmentation, exposing 100% to lateral movement

Statistic 107

70% of casino websites have SQL injection flaws

Statistic 108

Biometric systems in casinos are vulnerable to spoofing in 35% of cases

Statistic 109

50% of casino mobile apps transmit data unencrypted over WiFi

Statistic 110

Loyalty program databases in casinos use unsalted hashes in 62% instances

Statistic 111

78% of casino edge computing devices lack firmware updates

Statistic 112

VIP room access controls bypassed via RFID cloning in 25% tested casinos

Statistic 113

Cloud misconfigurations affect 40% of casino-hosted platforms

Statistic 114

Multi-factor authentication bypass vulnerabilities in 48% of POS systems

Statistic 115

65% of casino servers run unsupported software versions

Statistic 116

Weak API security in betting platforms exposed in 52% audits

Statistic 117

HVAC systems in casinos hackable for physical access in 30% cases

Statistic 118

55% of casino email servers susceptible to BEC attacks

Statistic 119

Unsegmented guest WiFi networks compromise 70% of casino LANs

Statistic 120

42% of slot firmware contains backdoors from manufacturers

Statistic 121

Database misconfigs allow unauthorized access in 58% loyalty systems

Statistic 122

75% of casino VR/AR betting prototypes have prototype-level security

Statistic 123

Remote desktop protocols unpatched in 38% admin consoles

Sources
Trusted by 500+ publications
Harvard Business ReviewThe GuardianFortune+497
The casino industry, a world built on high-tech glamour and risk, is facing its most dangerous bet yet as devastating cyberattacks like those on MGM and Caesars prove the stakes have never been higher.

Key Takeaways

  • In 2023, MGM Resorts International suffered a ransomware attack by the ALPHV/BlackCat group, leading to a 10-day operational shutdown across multiple properties
  • Caesars Entertainment paid approximately $15 million in Bitcoin ransom to Scattered Spider hackers in 2023 to restore systems
  • Over 60% of online casino platforms reported DDoS attacks in 2022, averaging 2.5 attacks per month per site
  • MGM hack led to $100 million in direct losses from downtime in 2023
  • Average cost of a casino data breach reached $4.5 million in 2023
  • Caesars breach resulted in $4.7 million SEC disclosure fine in 2024
  • 75% of casino slots use outdated Windows XP, vulnerable to exploits
  • 82% of casino networks have unpatched legacy systems exposing them to ransomware
  • IoT devices in casinos, like smart locks, have 40% default credentials unchanged
  • 92% of US casinos have implemented multi-factor authentication (MFA) by 2024
  • 65% of European casinos use AI-driven threat detection systems as of 2023
  • Investment in casino cybersecurity rose 28% to $1.2 billion globally in 2023
  • GDPR compliance achieved by 78% of EU casinos by 2023
  • US states with casino cyber regs increased from 5 to 22 between 2020-2024
  • 85% of casinos fined for non-compliance averaged $500k penalties in 2023

Major casinos face escalating and costly cyber attacks demanding urgent industry investment.

Cyber Threats and Attacks

  • In 2023, MGM Resorts International suffered a ransomware attack by the ALPHV/BlackCat group, leading to a 10-day operational shutdown across multiple properties
  • Caesars Entertainment paid approximately $15 million in Bitcoin ransom to Scattered Spider hackers in 2023 to restore systems
  • Over 60% of online casino platforms reported DDoS attacks in 2022, averaging 2.5 attacks per month per site
  • In Q1 2024, phishing attempts targeting casino employees increased by 45% year-over-year
  • 1,200 gaming websites were hit by malware campaigns in 2023, compromising user data
  • Ransomware incidents in the gaming sector rose 150% from 2021 to 2023
  • 73% of casino cyber breaches in 2022 involved insider threats
  • Australia’s Crown Resorts faced a data breach exposing 30 million customer records in 2017
  • 40% of Las Vegas Strip casinos experienced attempted hacks during Super Bowl 2024 weekend
  • BetMGM reported a 300% spike in credential stuffing attacks in 2023
  • In 2023, the casino industry saw 250+ reported data breaches affecting 5.2 million records
  • DDoS attacks on iGaming sites peaked at 1.5 Tbps in 2023
  • 55% of attacks on casinos used social engineering tactics in 2024
  • Las Vegas casinos blocked 2.4 billion suspicious login attempts in 2023
  • 28 major ransomware groups targeted gambling firms in 2023
  • In 2022, 15% of global casino hacks originated from Eastern Europe
  • In 2023, 42% of casino DDoS attacks lasted over 24 hours, disrupting peak hours
  • Social Spider group claimed 12 casino breaches in 2023 alone
  • 35% of attacks exploited casino loyalty app vulnerabilities
  • Mobile betting apps saw 120% rise in man-in-the-middle attacks
  • 18% of breaches involved stolen casino vendor credentials
  • Cryptojacking hit 25 casino cloud instances in 2023
  • Supply chain attacks via casino software providers up 90%
  • 62% of incidents traced to nation-state actors probing casinos
  • Fake casino apps downloaded 5 million times harbored malware
  • Insider data theft rose 22% amid economic pressures in 2023

Cyber Threats and Attacks Interpretation

The casino industry is learning the hard way that while the house always wins, it's currently playing a high-stakes game of digital whack-a-mole against an army of hackers, insiders, and nation-states who keep finding new ways to rig the system from the inside out.

Cybersecurity Measures and Adoption

  • 92% of US casinos have implemented multi-factor authentication (MFA) by 2024
  • 65% of European casinos use AI-driven threat detection systems as of 2023
  • Investment in casino cybersecurity rose 28% to $1.2 billion globally in 2023
  • 80% of major casinos now employ 24/7 SOC teams post-MGM attack
  • Endpoint detection tools cover 75% of casino employee devices in 2024
  • Zero-trust architecture adopted by 45% of online gambling operators
  • 55% of casinos conduct quarterly penetration testing
  • Blockchain for transaction security implemented in 30% of crypto casinos
  • Employee cybersecurity training completion rate at 88% in top-tier casinos
  • SIEM systems integrated in 70% of casino IT infrastructures by 2024
  • Quantum-resistant encryption piloted in 12% of high-stakes casinos
  • 95% reduction in phishing success after MFA rollout in tested casinos
  • Incident response plans updated annually in 82% of Nevada properties
  • AI anomaly detection reduced false positives by 60% in casino networks
  • 67% of casinos use EDR tools on critical systems
  • 85% of casinos use AI-based fraud detection scoring 95% accuracy
  • 60% adoption of behavioral biometrics for player authentication
  • Cloud security posture management tools in 50% of hybrid casinos
  • 77% conduct AI-simulated red team exercises yearly
  • Privileged access management (PAM) covers 68% critical assets
  • 40% of casinos integrated DeceptionGrid honeypots by 2024
  • Data loss prevention (DLP) tools block 99% sensitive exfil attempts
  • 52% use secure access service edge (SASE) for remote ops
  • Vulnerability management automation scans daily in 65% sites
  • 89% employee phishing simulation success rate improved to 92%
  • SOC-as-a-Service contracted by 35% smaller casinos
  • Ransomware backup air-gapping implemented in 80% enterprises

Cybersecurity Measures and Adoption Interpretation

Casinos have realized that while the house always wins, they can no longer afford to let hackers even place a bet, pouring billions into an AI-augmented, zero-trust, and relentlessly trained digital fortress that proves security is now the most critical odds-maker in the business.

Financial Losses and Impacts

  • MGM hack led to $100 million in direct losses from downtime in 2023
  • Average cost of a casino data breach reached $4.5 million in 2023
  • Caesars breach resulted in $4.7 million SEC disclosure fine in 2024
  • UK gambling firms lost £1.2 billion to cyber fraud in 2023
  • Ransomware recovery costs for casinos averaged $1.8 million per incident in 2023
  • 2023 cyber incidents caused 12% revenue drop for affected Nevada casinos
  • Global iGaming sector cyber losses totaled $2.5 billion in 2023
  • Downtime from MGM attack cost $30 million daily in lost reservations
  • 65% of breached casinos faced lawsuits costing average $2.1 million
  • Australian casinos reported $500 million in cyber-related insurance claims 2022-2023
  • Bonus abuse fraud schemes drained $800 million from online casinos in 2023
  • 22% increase in cyber insurance premiums for casinos post-2023 attacks
  • Lost player trust post-breach led to 18% churn rate in affected casinos
  • Total cyber fraud in US casinos hit $1.1 billion in 2023
  • Average ransomware demand to casinos hit $5.2 million in 2023
  • Post-breach stock drops averaged 7.4% for listed casino firms
  • Remediation costs consumed 15% of IT budgets in breached casinos
  • $300 million in fraudulent withdrawals from online casinos in 2023
  • Notification costs per breach averaged $450k for large casinos
  • 20% long-term revenue loss from reputational damage post-attack
  • Insurance deductibles rose to $10 million for high-risk casinos
  • Chargeback fraud cost online casinos $650 million in 2023
  • Legal settlements from class actions totaled $200 million in 2023
  • Operational downtime equated to $50k per hour for mid-size casinos

Financial Losses and Impacts Interpretation

The house may always win, but these statistics prove that cybercriminals are running a devastatingly profitable side table, cashing in on everything from ransom and fraud to lost trust and legal fees.

Regulations, Compliance, and Trends

  • GDPR compliance achieved by 78% of EU casinos by 2023
  • US states with casino cyber regs increased from 5 to 22 between 2020-2024
  • 85% of casinos fined for non-compliance averaged $500k penalties in 2023
  • ISO 27001 certification held by 40% of global casino operators
  • PCI DSS Level 1 compliance in 92% of payment-processing casinos
  • Cyber disclosure mandates now apply to 60% of publicly traded casinos
  • 50% growth in casino cyber insurance policies from 2022-2024
  • UK Gambling Commission audits 100% of licensees for cyber risks annually
  • 35% of casinos lag in NIST CSF implementation per 2024 audit
  • Ransomware negotiation banned in 15 jurisdictions for casinos
  • 72% of casinos report to CISA within 72 hours post-breach as required
  • Third-party risk management regs enforced in 55% of markets
  • Projected 25% annual growth in casino cyber spending through 2028
  • 90% of regulators now require cyber drills for license renewal
  • Asia-Pacific casinos face new data localization laws covering 45% of market
  • CCPA compliance fines avoided by 95% California casinos via audits
  • 62% of regulators mandate AI ethics in cyber defenses for casinos
  • Cyber maturity model assessments required for 70% licenses
  • 28% rise in cross-border data sharing regs for international casinos
  • SOC 2 Type II reports audited annually in 55% vendors

Regulations, Compliance, and Trends Interpretation

The casino industry is rapidly learning that while the house always wins, regulators and cybercriminals are now taking a much larger, and mandatory, cut of the action.

Vulnerabilities in Casino Systems

  • 75% of casino slots use outdated Windows XP, vulnerable to exploits
  • 82% of casino networks have unpatched legacy systems exposing them to ransomware
  • IoT devices in casinos, like smart locks, have 40% default credentials unchanged
  • 60% of online casino apps fail basic OWASP security tests
  • Casino surveillance cameras run on insecure protocols in 55% of properties
  • 45% of casino payment gateways lack proper tokenization
  • Third-party vendor breaches account for 68% of casino vulnerabilities
  • 90% of casino ATMs use weak encryption standards like SSLv3
  • Slot machine networks often lack network segmentation, exposing 100% to lateral movement
  • 70% of casino websites have SQL injection flaws
  • Biometric systems in casinos are vulnerable to spoofing in 35% of cases
  • 50% of casino mobile apps transmit data unencrypted over WiFi
  • Loyalty program databases in casinos use unsalted hashes in 62% instances
  • 78% of casino edge computing devices lack firmware updates
  • VIP room access controls bypassed via RFID cloning in 25% tested casinos
  • Cloud misconfigurations affect 40% of casino-hosted platforms
  • Multi-factor authentication bypass vulnerabilities in 48% of POS systems
  • 65% of casino servers run unsupported software versions
  • Weak API security in betting platforms exposed in 52% audits
  • HVAC systems in casinos hackable for physical access in 30% cases
  • 55% of casino email servers susceptible to BEC attacks
  • Unsegmented guest WiFi networks compromise 70% of casino LANs
  • 42% of slot firmware contains backdoors from manufacturers
  • Database misconfigs allow unauthorized access in 58% loyalty systems
  • 75% of casino VR/AR betting prototypes have prototype-level security
  • Remote desktop protocols unpatched in 38% admin consoles

Vulnerabilities in Casino Systems Interpretation

The casino industry appears to have decided that the house always wins, except when facing a hacker who can effortlessly exploit a sprawling buffet of antiquated systems, default passwords, and unpatched vulnerabilities left open like a high-roller's tab.

Sources & References

Logos provided by Logo.dev