Cyber Incident Victim: Cache Creek Casino Resort

Cache Creek Casino Resort in Northern California experienced a significant operational disruption beginning September 20, 2020, when it shut down due to a confirmed external cyberattack targeting its computer network. The Yocha Dehe Wintun Nation, which owns the casino, publicly acknowledged the attack on September 23 after initially describing the outage as a "systems infrastructure failure." The forced closure affected all casino operations, including gaming floors and hospitality services, with no immediate timeline provided for restoration. Management initiated an investigation to determine the attack's scope and origin, though they did not disclose technical details about the intrusion method or specific compromised systems. This marked one of the first confirmed cyberattacks against a Northern California tribal casino, occurring during a period of heightened vulnerability for the gaming industry amid pandemic-related operational challenges.

The incident drew attention to broader cybersecurity risks within the casino sector, as two Las Vegas properties—Four Queens Hotel and Casino and Binion’s Casino—had suffered similar disruptions earlier in 2020, resulting in temporary cash-only operations and nonfunctional slot machines. While Cache Creek's owners did not confirm ransomware as the attack vector, industry observers noted parallels to previous casino incidents involving ransomware-induced operational paralysis. The prolonged closure caused substantial revenue loss and necessitated employee furloughs, compounding financial strain from pandemic-related capacity restrictions. No customer data breaches or ransom demands were publicly reported in connection with the attack. Recovery efforts remained ongoing at the time of the last public update, with the tribe prioritizing system restoration and forensic analysis.