MGM Resorts Cyberattack: Massive $100 Million Loss, Extent of Data Breach Disclosed

The casino giant reportedly did not pay the ransom.

MGM Resorts Cyberattack: Massive $100 Million Loss, Extent of Data Breach Disclosed
The marquee and sign at an entrance at MGM Grand Hotel & Casino display messages after the Las Vegas Strip resort was closed as the coronavirus continues to spread across the United States on March 17, 2020 in Las Vegas, Nevada. Ethan Miller/Getty Images
(Photo: Ethan Miller/Getty Images) The marquee and sign at an entrance at MGM Grand Hotel & Casino display messages after the Las Vegas Strip resort was closed as the coronavirus continues to spread across the United States on March 17, 2020 in Las Vegas, Nevada.

MGM Resorts reported $100 million in damage from a September hack. The cyberattack, which was later claimed by hackers from the ALPHV subgroup Scattered Spider, caused significant issues for several MGM properties. Both operations and consumer data were affected.

On September 11, MGM Resorts announced the hack, which disrupted ATMs, gambling machines, and the prominent hotel and casino corporation's website and online booking systems.

The firm said in a regulatory filing that the attackers stole consumer personal information from MGM Resorts transactions before March 2019. This stolen data consists of customer names, contact information, genders, birthdates, and license numbers. The hackers also gained access to the Social Security numbers and passport information of a small number of MGM costumers.

The Scope of the Cyberattack

There is uncertainty regarding the precise number of people affected by the data leak. Since MGM Resorts receives tens of millions of visitors each year, the breach's scope may be large. Andrew Chapman and Brian Ahern, two company spokesman, declined to give more information on the event.

Even after the MGM Resort cyberattack disabled multiple guest-facing systems, the hackers gained access. The cyberassault did not breach users' bank accounts or credit card information. However, customer names, license numbers, and Social Security numbers were obtained.

The cyberattack did not affect MGM Resorts' luxury resort hotel, The Cosmopolitan of Las Vegas.

According to a TechCrunch report, MGM Resorts seemingly did not pay a ransom to the cyberattackers, in contrast to several other hack victims. The Scattered Spider organization, which carried out the attack, has declined to comment on the ransom demand's specific dollar figure.

Caesars Entertainment, a competitor of MGM, is rumored to have paid almost half of a $30 million ransom to avoid the release of stolen data in a cyberattack incident. The Scattered Spider organization denies taking part in the Caesars cyberattack.

After September 14, the ALPHV ransomware gang's dark web leak site has not updated MGM Resorts' listing, and the hackers have not yet disclosed any of the hotel giant's data.

MGM Resorts Keeps Positive Outlook Amid Massive Financial Loss

The MGM cyberattack had a massive financial impact. MGM Resorts estimated that its third-quarter profit would decline by around $100 million in its regulatory filing. The corporation spent $10 million on legal representation, technological consultation, as well as external experts relating to the issue.

The MGM CEO, Bill Hornbuckle, expressed hope in an open letter that was issued on Thursday night, saying that "the vast majority of our systems have been restored," and the business thinks the attack has been stopped, according to NBC News.

Despite this setback, MGM Resorts anticipates good fourth-quarter profits, mostly due to a Formula One racing event scheduled for Las Vegas, per Reuters.

byline-quincy
byline-quincy byline-quincy
ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics