Running Aces Data Breach Exposes SSNs of 17K Individuals

Running Aces Casino, Hotel & Racetrack, an entertainment destination in Columbus, Minnesota, recently experienced a significant data breach involving sensitive customer information of at least 17,937 people. The incident was first discovered on Aug. 12, 2025, and was later disclosed to the Attorney Generals' offices in Maine, New Hampshire and Massachusetts in December 2025.

According to the notice, the breach involved unauthorized access to certain systems during a limited period. While public reporting previously attributed the activity to a ransomware group, the company’s notice states only that an unauthorized actor accessed its systems. A third party forensic investigation determined that the incident occurred between approximately July 27, 2025, and August 14, 2025.

The breach was allegedly carried out through a ransomware attack attributed to the Qilin group, a known cybercriminal organization. Qilin claimed responsibility for the attack and posted sample screenshots of the stolen data on their dark web portal on Sept. 8, 2025, indicating that the compromised information may have been exposed to malicious actors.

The specific data elements varied by individual but may have included names, Social Security numbers, dates of birth, and driver’s license numbers. The sensitivity of the potentially impacted information means affected individuals may face an increased risk of identity theft or fraud, particularly where Social Security numbers or driver’s license numbers were involved.

Running Aces Casino's response

After discovering the incident, Running Aces launched an investigation, notified law enforcement, and engaged a national cybersecurity firm to assess the scope of the incident and strengthen system security. The company is also offering complimentary identity protection and credit monitoring services through Experian.

If you receive notification from Running Aces Casino about this breach, you may want to:

• Sign up for the free Experian IdentityWorks identity theft protection services, offered by the company.
• Monitor your credit reports and financial accounts for any unusual activity.
• Be alert for phishing emails or phone calls that may use your exposed information.
• Consider placing a fraud alert or credit freeze with major credit bureaus.

For affected individuals with questions, Running Aces Casino has set up a call center at 844 572-2717, Monday through Friday, 8 a.m. to 5:30 p.m. CT.