Caesars reportedly paid millions to stop hackers releasing its data | It’s the second Las Vegas casino group to be attacked this week.::Caesars Entertainment reportedly paid “tens of millions of dollars” to hackers who threatened to release company data.
User being phished doesn’t leak the company’s database though.
I think “user” in this case means “employee”. Phishing is by far the most common point of entry.
It does if that user has rights to access those databases, that would be a non-zero number of marketing analysis, p&a, data scientists, IT staff who maintain that infrastructure, etc. The most dangerous one is a compromised IT admin account and from the looks of it that happened to MGM this week