Taos Mountain Casino in New Mexico this week notified an undisclosed number of people about a March 2026 data breach that compromised names, Social Security numbers, and addresses.
The casino said it discovered the breach on March 28, 2026. A cybercriminal group called DragonForce took credit for the breach on May 30. On the group’s data leak site, DragonForce said it stole 38.6 GB of data from the casino.
Taos Mountain Casino has not acknowledged DragonForce’s claim and Comparitech cannot independently verify its authenticity. We do not know how many people the casino notified, how attackers breached its network, if it paid a ransom, or how much DragonForce demanded. Comparitech contacted Taos County Casino for comment and will update this article if it replies.
“On March 28, 2026, TMC detected suspicious activity on its computer systems,” says the casino’s notice (PDF) to breach victims. “On May 4, 2026, the forensic investigation found evidence that some TMC files were accessed by an unauthorized actor.”
Taos Mountain Casino is offering breach victims 12 months of free credit monitoring and identity theft restoration through Kroll.
Who is DragonForce?
DragonForce is a ransomware gang that first started claiming responsibility for attacks on its leak site in December 2023. It operates a ransomware-as-a-service business in which customers pay to use DragonForce’s malware and infrastructure to launch attacks and collect ransoms. DragonForce often extorts victims both to unlock infected systems and to destroy stolen data.
DragonForce has claimed responsibility for 218 ransomware attacks in 2026 to date. Of those, 18 were confirmed by the targeted organizations.
Ransomware attacks on casinos
Taos Mountain isn’t the first casino hit by a ransomware attack.
- Jackpot Junction Casino Hotel reported a March 2025 data breach claimed by RansomHub
- Sault Ste. Marie Tribe of Chippewa Indians reported a February 2025 data breach claimed by RansomHub that affected casinos and other services
- Lucky Start Casino reported a June 2021 ransomware attack
- Running Aces Casino, Hotel & Racetrack notified 17,937 people of a July 2025 data breach claimed by Qilin
- OYO Hotel & Casinos Las Vegas notified 4,742 people of a January 2025 data breach claimed by LockBit
More broadly, Comparitech has logged 135 confirmed ransomware attacks in the USA this year to date, compromising more than 780,000 personal records. Another 1,537 attack claims have yet to be confirmed.
Ransomware attacks on casinos can lock down computer systems and steal data. Once infected, attackers demand a ransom to restore systems and delete stolen data. Casinos that refuse to pay can face extended downtime, permanent data loss, and putting customers and staff at increased risk of fraud.
About Taos Mountain Casino
Taos Mountain Casino is owned and operated by the Taos Pueblo tribe in northern New Mexico.