MGM Resorts Reveals Ransomware Attack’s $100 Million Toll, Customer Data Compromised


MGM Resorts announced that a cyberattack they suffered last month resulted in a loss of $100 million, with hackers also accessing customers’ personal information.

The renowned hospitality and entertainment conglomerate reported an IT security issue on September 11, 2023. This issue affected their primary website, online booking systems, and in-casino facilities, including slot machines, credit card processing units, and ATMs.

Shortly after the incident, it became known that the group behind this disruption, going by the name Scattered Spider, was linked to the BlackCat/ALPHV ransomware collective.

Using social engineering tactics, these cybercriminals infiltrated MGM’s systems, procured sensitive information, and locked over a hundred ESXi hypervisors.

The prolonged IT system downtime had a considerable impact, interrupting a wide array of the company’s business processes.

MGM’s recent Form 8-K submission to the SEC stated, “The financial setback from the IT security issue in September is approximated at around $100 million. This affects the Adjusted Property EBITDAR for both the Las Vegas Strip Resorts and Regional Operations.”

The company noticed a dip in occupancy primarily due to disruptions in bookings via their official website and mobile apps. This decline was largely limited to September, accounting for 88% of the disruptions.

Beyond the loss of $100 million, MGM incurred additional expenses of under $10 million for risk management, legal counsel, third-party consulting, and steps taken in response to the incident. However, MGM is optimistic that its cybersecurity insurance will cover these expenses.

MGM emphasized that the fiscal repercussions will mainly be felt in Q3 2023, foreseeing no considerable long-term effects on their yearly financial outcome.

The company is confident that it has successfully contained the situation. It has fully re-established all customer-related systems and anticipates that other offline systems will return to routine operations shortly.

Data Compromised: MGM has also alerted patrons who had dealings with the company before March 2019 about the potential breach of their personal details.

The company dispatched notices to the affected individuals, notifying them of potential exposure of the following details:

  • Full name
  • Phone number
  • Email address
  • Postal address
  • Gender
  • Date of birth
  • Driver’s license
  • Social Security Number (SSN)
  • Passport number

MGM’s thorough investigation has determined that the breach did not compromise customer passwords, banking details, or payment card data.

As a gesture of goodwill and to ensure safety, MGM is offering complimentary credit monitoring and identity safeguarding services to the victims. They have also advised their patrons to stay wary of unanticipated communications that seek personal data, recommending periodic reviews of account statements and credit reports to detect any anomalies.