Rivers Casino Philadelphia Facing Legal Threats After Data Breach

^{If you parked here, at the Rivers Casino Philadephia, there's a chance hackers got your name, social security and bank account number. And lawyers are ready to sue over it. (Image: Randy Duchaine / Alamy)}

Multiple firms are pursuing lawsuits against Rivers Casino Philadelphia and its operator, Rush Street Gaming, after a data breach was discovered by the casino late last year.

At least three lawsuits have been filed in Pennsylvania’s Eastern District Court related to the incident, including at least one that is seeking class-action status on behalf of the casino’s customers.

Law Firms Line Up to Represent Potential Victims

A report by ABC 6 Action News identified a Radnor-based law firm as filing a potential class-action lawsuit on behalf of a Philadelphia resident, along with compensatory damages and additional relief. Class action law firms Levi & Korsinsky, LLP and Edelson Lechtzin LLP have also launched investigations into the data breach, according to Next.io. 

Rivers Casino first identified the breach in late November. On Tuesday, casino spokesperson Jack Horner issues a statement saying that an unauthorized user had accessed or stolen files from the casino. 

“Upon identifying the incident, Rivers Casino Philadelphia immediately secured the involved systems and launched an investigation,” Horner said. “Through the investigation, Rivers Casino Philadelphia determined that an unauthorized actor accessed and/or took certain files stored on our computer servers. Rivers Casino Philadelphia is mailing letters to individuals whose information may have been involved in the incident.”

The statement did not detail how many people were impacted or the type of information accessed by the hacker.

However, a statement from Levi & Korsinsky detailed some of the information it believes may have been accessed.

“Upon information and belief, the following types of sensitive personal information may have been breached: name, Social Security number, and bank account information used for direct deposit,” the statement reads.

According to the law firm, customers were sent letters notifying them of the data breach on or around December 30. 

In its own statement on the incident, law firm Shub & Johns LLC said that “Rivers Philadelphia has indicated that approximately 2 million individuals have been impacted by the breach.”

Formerly known as SugarHouse Casino, the Fishdown-based Rivers Casino Philadelphia was rebranded in 2019. 

Cybersecurity Concerns Continue to Grow for Gaming Industry

The importance of cybersecurity has become a high-profile issue in recent years, as many major operators have dealt with hacking incidents, some of which disrupted operations at casinos.

 One of the largest attacks took place in September 2023, which hackers were able to breach MGM’s systems to launch a ransomware attack, causing operational systems to fail across several of the operator’s resorts. Everything from digital room keys to reservation systems and gaming machines were impacted, with the company putting its estimated losses at around $100 million.

Caesars Entertainment was also targeted by the same cyberattack. However, the company reportedly paid $15 million in ransom – about half of the initial demand – to have its systems restored and all stolen data returned from the hackers.