4 Queens/Binions computer systems down

I don't think anyone has mentioned points not being accumulated as being an issue until now. Doesn't sound good.

Hate to rely on rumors, but since no officials are talking (which by the way is consistent with how management acts when undergoing a cyber attack... especially a private company), it is all we have to go on. A casino employee (not management) has said that this indeed was a ransom cyber attack/hack, and that several casinos were targeted. Golden Nugget coughed up the $300k payment and was untouched, while Four Queens/Binions didn't, and are now dealing with the consequences.

If true, one would think any decent management would have at least tried to prepare for the possibility of an imminent attack actually hitting, by coming up with alternative ways of getting things done, for instance, copying over hotel reservation data to another system, or making backup plans for acquiring portable credit card processing machines that would work outside their network. These type of things are part of Disaster Recovery Planning that ANY company in the last 40 years should have on file, and periodically review, and test.

 

I hope the D doesn't have problems when I come in a couple weeks. I want to give them some play and hope for some comps. If the machines are tight then I'm gonna GTFO lol

 

The more I think about it, things like this make sense.

I'm aware of two things that might be at play here. First is that many smaller companies just back up by copying entire drives over to another one which is directly accessible, thus the backups might be scrambled in an attack as well.

Second is that many ransomware programs are time bombs. They don't detonate right away, but wait until many backup cycles have been expended and then do damage. Then "undamaged" backups are equally infected.

My guess is that this whole thing was caused by people clicking a link in an email and then giving permission for the nastyware to do something. "Loose nut behind the keyboard."

 

So let me ask the ignorant question....does this type activity also download and copy information within the system? Or just cause mayhem? I gave my drivers license to sign up. It has dob, address, etc. if I won a hand pay then somewhere would also have my ss# required by the casino for tax purposes on w2g. Is this information also compromised or was it just an “extortion” (if that proves to be true) of outsiders via malware.
(this is getting spooky).

 

There's an underground market for personal data. It depends on the intent of the perps. They could only be interested in a ransom to restore scrambled information, or they could have copied about anything to their site as well.

If you wanna open a real can of worms, think about PCI issues (payment cards). Nevada requires PCI compliance, although much of their standards are "suggestions" instead of mandates. If they were truly negligent, they could be in very hot water with their bank or other payment card service provider.

 

I don't want to get into a whole education of disaster recovery/preparation, how it is done, etc, in a Las Vegas travel forum. But, I have to comment when I see this:

"First is that many smaller companies just back up by copying entire drives over to another one which is directly accessible" Not in my years of experience. A company based in a home, or with 20 employees? Maybe. A corporation with millions of dollars of business at stake? No, not even Four Queens would have this kind of "back up". What corporations do you know of that are backing up data in this fashion?

This type of serious damage is more likely done with the hackers breaking into the network, as opposed to a desktop PC "time bomb deleting data".

 

You're forgetting this is the Four Queens. No. They do not send email confirmations for room reservations as a matter of course. They "may" send an email if you request it, but when I did, I got it four days later.

 

A ransomware attack makes sense particularly since The D had problems as well. Presumably, The D's IT response/defense was more robust.

 

This was exactly what I was referring to. Small companies often do it that way. I'm not an expert in backup solutions, but I do know that many of them work by simply copying files from one device to another.

I would say "time bomb encrypting data" instead of deleting data, and apparently I'm not the only one who suspects ransomware ...

https://www.cbronline.com/news/casino-ransomware-attack

 

If you assume that your personal information is now in the hands of someone who shouldn't have it you'll be safer than waiting to find out what really happened.

 

There are many examples of ransomeware attacks crippling government and corporations. Many start with an employee clicking on a link in an e-mail and spread their way to shared resources on multiple servers. The fact that so many end up paying the ransom is an indication their backups are somehow faulty and they didn't realize it until it was too late.

https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html

"The average payment to release files spiked to $84,116 in the last quarter of 2019, more than double what it was the previous quarter, according to data from Coveware, another security firm. In the last month of 2019, that jumped to $190,946, with several organizations facing ransom demands in the millions of dollars.

Security experts say that even these numbers underestimate the true cost of ransomware attacks, which have disrupted factories and basic infrastructure and forced businesses to shut down."

 

There is a very good chance that all of that information already exists in places where it should not.

When or if they use it is another question. There is ZERO need to take any action like new credit cards, etc.

It is wise to keep a good idea on all your accounts so that if somebody starts to use them, you can take action then. Put a lock on credit file. Get email alerts for charges made to your credit cards. Use CC and not debit cards. Get a daily email from your bank with checking account activity.

Go get a drink.

 

What IS the process to lock down credit lines? I had it bookmarked once but can’t find it. A link is fine if too detailed to explain. Thanks in advance.

 

Just did a search and found this for transunion... similar for others
https://www.transunion.com/credit-freeze


Do not confuse a LOCK with a FREEZE
https://www.nerdwallet.com/blog/finance/credit-lock-and-credit-freeze/

 

Thank you. I think this is the bookmark I lost so I took a screenshot this time. Duh. Thanks again

 

I do way less bookmarks these days and just do a search. Seems to work way better.

 

The web sites of both Four Queens and Binion's are finally up again. Not surprisingly, they still do not have TLS certificates on them. I once joked about this, but now I have to take it as a sign that they are not serious enough about (that is, not willing to put enough money into) their network security and perception of trust.

 

I played in 4 queens today for a while, but I noticed points were not added to my account. They were showing up while playing, but in my actual account portal it remained the same start to finish. Perhaps it will take a bit to catch up, or perhaps I played without getting the points. Time will tell.

 

Was going to plan a return visit, but gee, who knows what damage was done? Don’t think they know yet.

 

It seems to me all that remains now that things are starting to settle down is how this is going to be handled for teh people impacted. The rest is a distraction.