Published: September 11, 2023

MGM casinos hit by cyberhack that led to computer shutdowns at properties across U.S.

LAS VEGAS -- A "cybersecurity issue" led to the shutdown of some casino and hotel computer systems at MGM Resorts International properties across the U.S., a company official reported Monday.

The incident began Sunday. The extent of its effect was not immediately known on reservation systems and casino floors in Las Vegas and states including Maryland, Massachusetts, Michigan, Mississippi, New Jersey, New York and Ohio, company spokesman Brian Ahern said.

The FBI is "aware of the incident," the bureau said in a statement from its national press office. It characterized the event as "still ongoing" and did not disclose details.

MGM Resorts said in a statement it identified a "cybersecurity issue affecting some of the company's systems" and that its investigation involved external cybersecurity experts.

The nature of the issue was not described, but the statement said efforts to protect data included "shutting down certain systems." It said the investigation was continuing.

A post on the company website said the site was down. It listed telephone numbers to reach the reservation system and properties.

A post on the company's BetMGM website in Nevada acknowledged that some customers were unable to log on.

The company has tens of thousands of hotel rooms in Las Vegas at properties including the MGM Grand, Bellagio, Cosmopolitan, Aria, New York-New York, Park MGM, Excalibur, Luxor, Mandalay Bay and Delano.

It also operates properties in China and Macau.



Cyber attacks: Caesars acknowledges potential customer data exposure; MGM systems continue to experience disruption

Casino giant Caesars Entertainment officially confirmed that it suffered a data breach that may have resulted in the exposure of sensitive information, including data from its loyalty program database. The company disclosed that hackers gained access to details, such as driver's license numbers, and potentially Social Security numbers, affecting a substantial number of members within the database.

The security incident that took place on September 7 originated from a "social engineering attack" targeting the company's outsourced IT support vendor, the company informed the federal Securities and Exchange Commission. The company noted its casino and online operations were not disrupted.

"We have incurred, and may continue to incur, certain expenses related to this attack, including expenses to respond to, remediate, and investigate this matter," Caesars said in its latest regulatory filing, as reported by ReutersThe Wall Street Journal on Thursday reported that the company paid approximately half of a $30 million ransom demanded by the hackers.

Caesars is currently conducting an investigation into the extent of the data leak. The Reno-headquartered company said there is no evidence indicating that member passwords, PINs, bank account information, or payment card details were accessed.

Meanwhile, MGM Resorts International, another casino group that is believed to have also been targeted by the same group of attackers, continues to grapple with the aftermath of a cybersecurity issue. The incident caused significant disruption across its casinos in the United States, impacting the company's websites, reservation system, and certain slot machines. The FBI is currently investigating the incident.

As of Thursday, some of MGM Resorts' computer systems, including those responsible for hotel reservations and payroll, remained offlineWJTV reports. However, company spokesman Brian Ahern assured that the firm's 75,000 employees in the United States and around the world are expected to receive their salaries on schedule, the report said.

Earlier this week, it was reported that both breaches were allegedly carried out by a group of cyber attackers known by the name "Scattered Spider". Also known as UNC3944, the cybercriminal group composed of hackers primarily based in the United States and the United KingdomBloomberg reported, citing a cybersecurity researcher familiar with the group.

The hackers include individuals as young as 19 years old. Scattered Spider has a track record of targeting telecommunications and business process outsourcing companies, employing techniques such as SIM swaps of phone numbers to execute phishing attacks, steal data, and extort ransoms.

The group claimed responsibility on Thursday and said it took six terabytes of data from the systems of MGM and Caesars as both companies probed the breaches. Speaking to Reuters via the messaging platform Telegram, a representative for the group said it did not plan to make the data public.


US casino giant MGM Resorts battles 36-hour outage after cyber attack


Multiple systems at US hotel and casino operator MGM went down in the wake of the incident on 10 September, crippling several of Las Vegas’ most prominent casinos

© Public Gaming Research Institute. All rights reserved.