A Golden Entertainment phishing attack is forcing the gaming company to see if any exposed information has been used in a harmful way and to look at ways to protect employees from possible attacks in the future.

There are many different ways that hackers can strike. From infiltrating entire networks to installing viruses and malware, their methods are varied and unfortunately, quite effective. A newly announced breach of one company’s employee email accounts shows how simple and effective it can be.

In what seems to be a phishing attack, hackers sent an email to an employee of Golden Entertainment, a company that manages casinos, distributed gaming venues and more. The email enticed the employee to follow through with some sort of instructions, which have not been released. Those instructions could have been to open an attachment, download a file, click a link or any other avenue that the hackers chose.

The end result was that the email contained malicious steps that gave the hackers access to email accounts for the employees. The report states that the unauthorized user(s) may have visited that account more than once throughout an eight-month period. As such, they were able to access sensitive emails, including some that had attachments. Those attachments included complete customer identities for some clients, including payment card data, Social Security numbers and much more.

The company has not found any evidence that the affected customers’ information was used in a harmful way, but they are being very cautious about their investigation and resulting steps.

The Golden Entertainment phishing attack is just another reminder that all companies, no matter how big or small and no matter what industry they are in, should have comprehensive employee training on how to respond to emails, messages and social media posts. Those trainings should include instructions on never opening an attachment or clicking a link that was unexpected, even if the email appears to come from a trusted sender. Instead, the employees should verify the instructions verbally before complying.

Failure to do so can lead to cybercrimes such as hacking, account takeover, ransomware and identity theft, as seen in the Golden Entertainment phishing attack. The high costs of the aftermath of these attacks can make anyone wish they had simply never clicked. Be sure you are doing all you can to protect yourself from attacks like the Golden Entertainment phishing attack by being able to spot a phishing attack and reporting it to your employer.

If you believe you are a victim of identity theft, you can call the Identity Theft Resource Center toll free at 888.400.5530 to speak with one of our advisors or live chat with an advisor on our website. They will help you create an action plan for your case while directing you on the next steps you need to take.


For on-the-go identity assistance, check out the free ID Theft Help App from ITRC.

You might also like…