Singapore’s Marina Bay Sands says 665,000 customers had data stolen during cyberattack


A cyberattack last month against the Marina Bay Sands casino and hotel in Singapore led to the theft of data from 665,000 customers.

The massive complex is located in Singapore’s Marina Bay waterfront and hosts a 2,200-room hotel alongside one of the largest casinos in Asia.

In a notice on Tuesday, the company said it became aware of a data security incident on October 20 after hackers broke into their systems the day before. The hackers gained access to customer loyalty program membership data.

“Upon discovery of the incident, our teams immediately took action to resolve it,” they said.

“Based on our investigation, we do not have evidence to date that the unauthorized third party has misused the data to cause harm to customers. We do not believe that membership data from our casino rewards programme, Sands Rewards Club, was affected.”

The company is working with a cybersecurity firm to address the issue and said the data stolen includes names, email addresses, phone numbers, country of residence, membership numbers and more.

Customers affected by the breach will be contacted by the company. The incident has been reported to authorities in Singapore and other countries.

The attack on Marina Bay Sands follows ransomware attacks on Las Vegas-based MGM Resorts and Caesars Entertainment — two of the largest hotel and casino companies on the planet.

Last month, MGM Resorts said the ransomware attack will cost them about $100 million due to the damage done to hotel systems as well as customer data stolen.

Semperis principal technologist Sean Deuby, who works with hospitality companies on cybersecurity, said attacks on Marina Bay Sands, MGM and Caesars have “left the entire hotel and casino industry on edge.”

“The silver lining in this most recent breach is that hackers don’t appear to have walked away with the crown jewels of personally identifiable information such as social security numbers and credit card data,” he said.

“However, by stealing other personal information about Marina Bay Sands’ loyal customers such as email addresses, and mobile phone numbers, there is a high probability that the attackers could conduct other social engineering-based attacks and phishing scams in the weeks ahead or sell the data to the highest bidders on the dark web.”

Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.


Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Japan Aviation Electronics says servers accessed during cyberattack

Next Post

Dallas County reviewing data leaked by ransomware gang

Related Posts

The water industry wants to write its own cybersecurity rules. Will Biden and Congress go for it?

When Iranian government operatives hacked into water utilities across the U.S. late last year, it was a chilling reminder of how vulnerable the water sector remains — and how tortuous the efforts to regulate its cybersecurity have been.
Jason Macuray
Read More