Singapore’s Marina Bay Sands has become the latest integrated resort to be subject to a data security incident, informing members of its shopping rewards program that some personal data had been accessed without permission by a third party late last month.
In a letter sent to members on Tuesday morning, MBS Chief Operating Officer Paul Town explained that the incident took place on 19 and 20 October with the unknown third party having accessed the customer data of around 665,000 rewards program members. The incident relates to the non-casino Sands Lifestyle Rewards program rather than the Sands Rewards Club, with Town noting the company does not believe its gaming membership program was affected.
In a statement MBS said it does “not have evidence to date that the unauthorized third party has misused the data to cause harm to customers.”
However, “After learning of the issue, we quickly launched an investigation, have been working with a leading external cybersecurity firm, and have taken action to further strengthen our systems and protect data.
“We have reported this incident to the relevant authorities in Singapore and other countries where applicable and are working with them in their inquiries into the issue,” the company said.
The incident follows the recent cyberattack on US casino operators MGM Resorts and Caesars Entertainment that saw multiple internal systems, including some gaming operations, disabled. MGM has since revealed it expects the attack to have a negative impact of around US$100 million on its Adjusted EBITDAR for the month of September.