In a recent development, MGM Resorts has confirmed that hackers managed to steal customer data during a cyberattack that occurred in September. This cyberattack is estimated to cost the hotel and casino giant around $100 million.
Key Takeaway
MGM Resorts confirms that hackers stole customers’ personal data during a cyberattack, potentially affecting a significant number of individuals. The company expects the breach to cost approximately
00 million and has incurred additional expenses related to the incident. While the cyberattack has been contained, some services are still not operational. No evidence of misuse of the stolen data has been found so far.
The Cyberattack
MGM Resorts first revealed the large-scale cyberattack on September 11, causing significant disruption across its properties. The hackers, identified as the ALPHV subgroup Scattered Spider, took control of MGM’s systems, leading to the shutdown of ATMs, slot machines, and the company’s website and online booking systems.
Stolen Personal Information
According to MGM Resorts’ regulatory filing, the hackers obtained personal information of customers who had transacted with the company prior to March 2019. This includes names, contact information, gender, dates of birth, and driver’s license numbers. For a limited number of individuals, Social Security numbers and passport details were also accessed.
Impact and Response
The number of affected customers is currently unknown, but considering the millions of visitors the resorts attract each year, the scale of the breach could be significant. MGM Resorts spokespersons have remained tight-lipped about the incident.
MGM confirmed that customer passwords and payment details were not compromised during the attack. However, the company expects the cyberattack to result in a reduction of approximately $100 million in third-quarter profits. Additionally, MGM has incurred around $10 million in one-time expenses related to the incident, primarily on technology consulting services, legal fees, and other third-party advisors.
Ransom Demand and Cyber Insurance
It remains unclear whether MGM Resorts paid the hackers’ ransom demand, the amount of which has not been disclosed. Caesars Entertainment, a rival company also targeted by a recent ransomware attack, reportedly paid half of the $30 million demanded by the hackers to prevent the disclosure of stolen data. The Scattered Spider group, allegedly responsible for both attacks, denied any involvement with the Caesars incident.
While MGM stated that its cyber insurance policy is expected to cover the financial impact, the full extent of the costs and consequences of the breach remains undetermined.
No Evidence of Misuse
MGM asserts that there is no evidence indicating that the stolen data has been used for identity theft or account fraud. However, the listing for MGM Resorts on the dark web leak site of the ALPHV ransomware gang remains unchanged, with no data published by the hackers.
Restoration of Services
MGM Resorts claims that the cyberattack has been fully contained, and operations at its resorts have returned to normal. However, as of now, some of MGM’s services, including its mobile app, are still non-operational, based on customer complaints on social media.