Published: October 1, 2023

Caesars Casino decision to pay cyber-hackers $15 million sets dangerous Las Vegas Strip precedent

The resort casino operator made a choice that might come back to haunt it and its Las Vegas rivals.

Sometimes doing something that looks like a smart short-term financial move has longer-term negative consequences.

For example, buying a cheaper car that has higher maintenance costs or not keeping your roof in good shape are choices that come back to bite you. 

In other cases, some business moves simply set bad precedents.

Businesses, for example, do better financially when their return policies are clear. If a company takes items back without receipts, with parts missing, or many months after sales, that might seem like good customer service, but in fact it undermines the overall business.

Sometimes business owners have to make uncomfortable choices that hurt a lot in the moment but avoid setting bad precedents. 

Caesars Entertainment  (CZR) - Get Free Report recently violated a key operating rule when it opted to pay hackers $15 million so they would not interrupt their operations. 

Rival MGM Resorts International  (MGM) - Get Free Report opted not to pay and the hackers brought down many of the resort casino operator's systems, not just on the Las Vegas Strip, but nationwide. 

Not paying was much more expensive than paying, but it was the right choice, according to National Cybersecurity Alliance Executive Director Lisa Plaggemier.

MGM refused to pay ransom    

When it refused the hackers' ransom, MGM saw many of its hotel and casino systems crash, Its reservation system went down, and it was reduced to paying out slot machine winners by hand. 

The hack cost the company about $8.4 million a day, according to, but that was the correct response, Plaggemier told the website.

"Just like the FBI or any federal law enforcement agency will tell you, the best way to deal is not to pay. The more organizations pay, the more cybercriminals are going to keep doing it," she said.

That's generally the policy when dealing with hackers, kidnappers and anyone looking for a ransom. If you pay them what they want, it does not prevent them from coming back and asking for more. It also sends a clear message that your company is an easy mark.

"At the end of the day, they’re criminals," she said. "Considering that you know these are individuals who did this in the first place, are you really going to take their word for it? Because that’s all you have, and you’re assuming honor amongst thieves, which I think is always an iffy proposition." 

MGM operations are back to normal  

MGM was not only the victim of a cyberattack, it also brought down some of its systems to prevent them from being compromised. 

It's one thing to have to manually check customers in or to have digital room keys not work, and another thing entirely if slot machines start paying jackpots on every spin.

The company posted on X, formerly Twitter, on Sept. 22 at 8 p.m. U.S. Eastern that its online-reservations system had been restored. MGM was still encouraging people to call or use their casino host to make reservations so as not to overwhelm the system.

MGM's cyberattack began on Sept. 10, so it likely lost much more than paying the ransom would have cost the company.

The resort casino operator waived cancellation and change fees during the period the attack was affecting its operations. It also increased its personnel on its casino floors at its Las Vegas Strip and regional casino properties.

© Public Gaming Research Institute. All rights reserved.