News
Wynn Resorts Faces [Second] Class Action Lawsuit Over Data Breach
BlogBreachesResourcesNews
Wynn Resorts Faces [Second] Class Action Lawsuit Over Data Breach

Wynn Resorts Faces [Second] Class Action Lawsuit Over Data Breach

UpGuard Team
UpGuard Team
February 26, 2026

Following the disclosure of a major security breach in February 2026, Wynn Resorts is now facing multiple federal class action lawsuits (notably Reed v. Wynn Resorts and Maynard v. Wynn Resorts). The core of the legal dispute rests on two main points:

  • Negligence in Safeguards: Plaintiffs allege that Wynn Resorts failed to follow industry-standard encryption and security protocols for its Oracle PeopleSoft systems, leaving sensitive data vulnerable to unauthorized access.
  • The Scope Dispute: While Wynn Resorts has publicly stated the breach primarily impacted employee data, the lawsuits point to claims made by the threat actor (ShinyHunters) that over 800,000 records—including customer information—were compromised.

The legal filings seek damages for affected individuals, citing a "lifetime risk" of identity theft and criticizing the company for a perceived delay in notifying the public.

What happened in the Wynn Resorts data breach?

The breach first came to light on February 20, 2026, when the extortion group ShinyHunters listed Wynn Resorts on its dark web leak site. Although the public reports emerged in February, investigations suggest that unauthorized access to the company’s IT network actually began as early as September 2025.

The attackers reportedly targeted the company’s Human Resources and ERP platforms, exfiltrating approximately 800,000 records. These records contained highly sensitive Personally Identifiable Information (PII), including:

  • Full names and Social Security numbers (SSNs)
  • Dates of birth and phone numbers
  • Employment history and internal records

Wynn Resorts activated its incident response protocols immediately after the February threat and stated that the unauthorized party eventually claimed to have deleted the stolen data. However, the company has not confirmed whether a ransom was paid to secure this deletion.

Who was behind the incident?

The group responsible is ShinyHunters, a notorious cyber-extortion collective active since 2020. Unlike traditional ransomware groups that lock users out of their systems, ShinyHunters typically focuses on "Pure Extortion":

  1. Stealthy Exfiltration: They quietly copy large databases (often targeting cloud buckets or SSO providers).
  2. The Ransom Demand: For the Wynn Resorts incident, the group reportedly demanded a ransom of 22.34 Bitcoin (approximately $1.5 million).
  3. The Threat: If payment is not made, they leak or sell the data on dark web forums like BreachForums.

ShinyHunters has a history of targeting high-profile entities, including Ticketmaster and CarGurus. Their involvement in the Wynn breach is particularly concerning because they frequently "double-dip"—selling data even after claiming it has been deleted.

Impact and Risks for Wynn Resorts Customers

While Wynn Resorts maintains that guest operations and physical properties were not disrupted, the legal challenges suggest a broader risk profile than initially admitted.

  • For Employees: The risk is Critical. The exposure of SSNs and employment records allows malicious actors to commit long-term financial fraud, file fraudulent tax returns, or open new lines of credit in the victim's name.
  • For Customers: The risk is Plausible but Unconfirmed. If the lawsuit's allegations are true and customer data was included in the 800,000 records, guests could be targeted by vishing (voice phishing) and highly personalized social engineering attacks. Using known travel dates or loyalty program details, scammers can craft convincing stories to steal further financial credentials.
  • Long-Term Exposure: Because data like birth dates and SSNs cannot be changed, the risk does not expire. Affected individuals must remain vigilant for years, as stolen databases are often traded between different criminal groups long after the initial breach.

How secure is Wynn Resorts?

Wynn Resorts operates luxury hotel and casino properties that feature gaming facilities, hotel accommodations, dining venues, retail spaces, spas, and entertainment offerings. The company manages integrated resorts and gaming clubs across multiple international markets including the United States, Macau, and the United Kingdom.
  • Check icon
    View our free preliminary report on Wynn Resorts’s security posture
  • Check icon
    13 risk factors, including email security, SSL, DNS health, open ports and common vulnerabilities
View Wynn Resorts's score
View score
https://www.wynnresorts.com
Security ratings
Deliver icon

Sign up for our newsletter

UpGuard's monthly newsletter cuts through the noise and brings you what matters most: our breaking research, in-depth analysis of emerging threats, and actionable strategic insights.

Latest news

Stay up-to-date with the latest news in cybersecurity.
Data breach reported by University of Hawaiʻi Cancer Center

Data breach reported by University of Hawaiʻi Cancer Center

A data breach involving University of Hawaii Cancer Center was reported in February 2026. See incident details, impact on customers, and recommended security measures.
UpGuard Team
UpGuard Team
February 28, 2026
Multiple Mexican Government Agencies Data Breach

Multiple Mexican Government Agencies Data Breach

A data breach involving SAT was reported in February 2026. See incident details, impact on customers, and recommended security measures.
UpGuard Team
UpGuard Team
February 26, 2026
Overview: Odido & Ben Data Breach

Overview: Odido & Ben Data Breach

A data breach involving odido.nl was reported in February 2026. See incident details, impact on customers, and recommended security measures.
UpGuard Team
UpGuard Team
February 25, 2026
Critical Juniper Networks RCE CVE-2026-21902

Critical Juniper Networks RCE CVE-2026-21902

Juniper Networks disclosed a critical Remote Code Execution (RCE) vulnerability (CVE-2026-21902). Learn the details and how to respond if you're impacted.
UpGuard Team
UpGuard Team
February 26, 2026
Overview: ManoMano Data Breach

Overview: ManoMano Data Breach

A data breach involving ManoMano was reported in February 2026. See incident details, impact on customers, and recommended security measures.
UpGuard Team
UpGuard Team
February 25, 2026
Data breach reported for Pyramid Advisors Limited Partnership d/b/a Pyramid Global Hospitality

Data breach reported for Pyramid Advisors Limited Partnership d/b/a Pyramid Global Hospitality

A data breach involving Pyramid Global Hospitality was reported in February 2026. See incident details, impact on customers, and recommended security measures.
UpGuard Team
UpGuard Team
February 25, 2026
View all news
UpGuard customer support teamUpGuard customer support teamUpGuard customer support team

Protect your organization

Get in touch or book a free demo.
Contact sales
Free demo
Free instant security score

How secure is your organization?

Request a free cybersecurity report to discover key risks on your website, email, network, and brand.
  • Check icon
    Instant insights you can act on immediately
  • Check icon
    Hundreds of risk factors including email security, SSL, DNS health, open ports and common vulnerabilities
Free score
Website Security scan resultsWebsite Security scan rating