MGM Resorts has successfully restored its operations in all hotels and casinos after experiencing a disruptive cyberattack. The company was able to bring its systems back online; however, updates to MGM Rewards accounts and promotional offers may still be unavailable for now.
The cyberattack occurred on September 11 and resulted in various issues, such as websites going offline, slot machines malfunctioning, and some transactions being limited to cash only. The ALPHV ransomware group claimed responsibility for the attack, stating that they utilized social engineering tactics to gain access to the systems. These groups often demand a ransom in exchange for access or information.
MGM Resorts has not disclosed specific details regarding the full extent of the breach, including the type of compromised information or the financial implications for the company. However, cybersecurity experts estimate that the computer shutdown could have cost the company up to $8 million per day, resulting in a potential cumulative impact of $80 million.
In a similar incident, Caesars Entertainment, a rival casino operator, also experienced a cyberattack on September 7. Although the attack did not affect its casino and online operations, the company expressed concerns over the potential compromise of personal information belonging to millions of customers. This sensitive data includes driver’s licenses and Social Security numbers, raising significant security and privacy concerns.
Caesars reportedly paid a substantial sum of $15 million to a group known as Scattered Spider, which had demanded a ransom of $30 million, in order to secure assurances of data security.
MGM Resorts responded promptly to the cyberattack by shutting down several systems and releasing an official statement addressing the situation. During the website disruption, the company temporarily replaced its homepage with an apology message and provided concierge phone numbers for various locations, including Aria, The Cosmopolitan, Mandalay Bay, Bellagio, New York-New York, and Vdara.
The incident has had far-reaching consequences, impacting not only MGM’s properties in Las Vegas but also regional resorts such as MGM Springfield in Massachusetts, MGM National Harbor, and the Empire City Casino in New York.
Moving forward, MGM Resorts will continue to work towards resolving any remaining issues and ensuring the security of its systems and customer data.