Another Las Vegas Casino Suffered Major Cyberattack — Back in January

18 Oct 2025

According to court documents originally published by Crain's New York Business on October 14, 2025, the OYO Hotel & Casino Las Vegas (previously Hooters Hotel & Casino) had a major cyberattack in January 2025. The resulting data breach reportedly compromised the personal information of 4,700 casino and hotel guests and employees.

The cyberattack came to light during a legal battle between OYO Hotels, which operates hotels in Las Vegas, New York, and numerous other locations, and Highgate Hotels, a well-known hotel management company. Highgate filed a lawsuit challenging its sudden firing from the OYO Times Square hotel on August 1, 2025, claiming that the removal violated New York Labor Law Section 860-a, which mandates 90 days' notice for such mass layoffs.

According to Casino.org, the incident was reported by BreachSense.com, a dark web monitoring service, on January 14, 2025. It stated that LockBit 3.0, a well-known ransomware gang, had leaked the compromised OYO Las Vegas data on their dark web page.

Further details published on August 15, 2025 by another cyber monitoring site, Brinztech.com, claimed that 30 gigabytes of sensitive data was stolen and exposed in the incident. According to reports, this included:

Personal and financial information of hotel and casino patrons
Internal financial and operational records
Human resources files containing sensitive employee data
Proprietary documentation related to casino gaming systems and procedures

OYO did not respond to Casino.org's request for a response right away.