It's a sign of the times.
In today's digital age, cybersecurity breaches have become a significant concern for businesses across various industries.
Earlier this year, the OYO Las Vegas Hotel & Casino, located across from MGM Grand, was targeted by a ransomware attack from the hacking group LockBit 3.0 between January 8 and January 11.
The hackers stole around 30 gigabytes of sensitive data, which they later shared on the dark web. This information included personal and financial details of hotel guests and employees, as well as the hotel's financial records and casino operations data.
In total, around 4,700 people had their information compromised by the breach, highlighting the severity of the incident.
The breach also came to light shortly after Boyd Gaming revealed that it, too, had been the victim of a recent cybersecurity attack. There was also an IT disruption at Jake's 58 Casino Hotel in Islandia, New York, earlier this year, and another at a casino in Minnesota in the spring.
Public Disclosure and Delayed Reporting
Surprisingly, the breach went unreported publicly for several months.
It was discovered during a court case in New York involving a dispute between OYO Hotels and Highgate Hotels, which managed the property when the cyberattack occured. OYO reported the incident to authorities on September 18 and informed those affected nearly a month later, on October 9.
The delayed reporting sparked a legal dispute, with OYO accusing Highgate of negligence in managing the property's cybersecurity.
The company cited the breach as evidence of "deficient" IT practices, leading to the termination of Highgate's management agreements in both Las Vegas and New York, and resulting in multiple lawsuits.
This incident further underscored the urgent need for stronger cybersecurity measures within the hospitality industry.
History of OYO Las Vegas Hotel & Casino
The site now known as the OYO Las Vegas Hotel & Casino has a rich history.
Originally opening its doors in 1973 as a Howard Johnson Hotel, it has undergone several transformations over the decades. In 2019, OYO Hotels & Homes, a fast-growing hospitality chain from India, took over the property from Hooters Casino Hotel, marking its entry into the bustling Las Vegas market.
With its vibrant atmosphere and convenient location, the hotel offers visitors a unique blend of comfort and entertainment. Despite its storied past, the OYO Las Vegas Hotel & Casino faced a formidable challenge in 2025 when it became the victim of a major cyberattack.
Broader Implications for the Casino Industry
The cyberattack on OYO Las Vegas Hotel & Casino is part of a larger trend affecting casinos and hotels in Las Vegas.
Other prominent companies, such as MGM Resorts International, Caesars Entertainment, and Boyd Gaming, have also fallen victim to high-profile ransomware incidents in recent years. These breaches have prompted intensified calls for stronger cybersecurity regulations and data protection measures across the hospitality and gaming sectors.
The OYO Las Vegas cyberattack serves as a stark reminder of the ever-present threat posed by cybercriminals. As the hospitality industry continues to embrace digital technology, ensuring robust cybersecurity practices is essential to safeguard both business interests and customer data.
