Boyd Gaming experiences third party cybersecurity attack

Boyd Gaming experienced a cybersecurity attack on September 23, according to a filing with the US Securities and Exchange Commission, resulting in an unauthorized third party obtaining internal information such as employee records tied to “a limited number of individuals.”

The operator stated the September 23 cyberattack “has had no impact” on business operations or an effect in any of Boyd Gaming’s properties, including 11 casinos in Las Vegas, Nevada and more than 10 throughout the remaining US. 

According to the filing, federal law enforcement and outside cybersecurity experts are assisting with the investigation, while Boyd Gaming has notified those affected by the breach as well as all required regulators and government agencies. 

“Casinos present an especially attractive target – large volumes of personal data, continuous cash flow and complex IT environments make for high-value operations that demand layered defence strategies,” Huntress Senior Security Operations Analyst Michael Tigges said. 

“Boyd Gaming’s swift disclosure underscores a growing recognition within the gaming industry that transparency is vital when responding to sophisticated attacks. While details remain limited, the incident highlights the importance of real-time visibility across endpoints and identities.”

Boy Gaming also stated its comprehensive cybersecurity insurance policy is expected to cover any costs in relation to the incident response, including forensic work, legal claims and potential fines handed down to the operator. 

Good to know: Fanatics Betting and Gaming formed a new multi-year partnership with Boyd Gaming on August 25 to expand its retail and online sportsbook operations into Missouri, projected to officially launch in December 2025

The company does not believe the cybersecurity attack will have any impact on its financial condition or results from operations, and “promptly took steps” to report the incident in cooperation with federal law enforcement. 

Tigges continued: “This breach serves as a reminder that continuous monitoring and rapid incident response are no longer optional but central to safeguarding both employee data and brand trust.”

In recent company news, Boyd Gaming finalized its agreement with Flutter Entertainment to sell its remaining 5% stake in FanDuel for approximately $1.755bn in July 2025, allowing Flutter to secure full ownership of the leading US sports betting platform at an implied valuation of $31bn.

FanDuel will continue to operate Boyd’s retail sportsbooks outside of Nevada through the first half of 2026, after which Boyd will assume operational control.

Kirk Geller

Visit Profile

Players trust our reporting due to our commitment to unbiased and professional evaluations of the iGaming sector. We track hundreds of platforms and industry updates daily to ensure our news feed and leaderboards reflect the most recent market shifts. With nearly two decades of experience within iGaming, our team provides a wealth of expert knowledge. This long-standing expertise enables us to deliver thorough, reliable news and guidance to our readers.