MGM Resorts Hit by Major Cyberattack, Disrupting Casino Services


MGM Resorts recently found itself on the receiving end of a cyberattack that’s scattered its once ordered house of cards. This has resulted in potential privacy breaches and widespread technical disruptions, dating back to the the previous week. Guests have been grappling with issues ranging from malfunctioning digital keys to non-responsive slot machines, painting a far from idyllic holiday picture.

Just days following MGM’s initial reporting of a cybersecurity issue on September 11, Caesars Entertainment, in a somewhat belated acknowledgment, conceded that it too had been hit by a digital intrusion on September 7. While the hackers harvested data from Caesars’ loyalty program, this breach elicited a payout of approximately $15 million.

Follow us on Google News! ✔️

MGM, boasting an impressive array of properties globally, which include a significant presence on the Las Vegas Strip, took precautionary measures to stave off further damage by suspending its online functions. This was aimed at shielding the company’s in-house information. Despite not responding to requests for comments by The Washington Post, the backdrop is nevertheless being set for an FBI investigation, corroborated by The Post. The Nevada Gaming Control Board also affirmed its supervision of the unfolding situation, in co-ordination with MGM leadership and law enforcement.

Adam Levin, renowned cybersecurity expert and founder of CyberScout, suggests the shutdown was imperative in order to prevent further penetration into the system. He noted, “The casino at one point was reduced to pen and paper,” emphasizing the wide-scale implications of the attack that affected ATM machines, slot machines, digital room keys, and electronic payment systems.

Since this digital debilitation, MGM has been gradually restoring its services, although some still remain offline. The shockwaves from the unwarranted cyberattack continue to ripple through the company’s operations, leaving guests and industry players bracing for the fallout.

In light of these recent events, it becomes fundamentally essential to understand cyber-security threats within a circle surrounded by neon lights and big dreams. This encompasses being—or planning to be—a guest at a casino that could be susceptible to the expanding web of cyberattacks.

The assault on MGM was reportedly orchestrated by a youthful, English-speaking cohort known as Scattered Spider. Initially flexing their cyber muscles in the profitable arena of phone-based scams, they have now entered the big leagues of hacking, aligning themselves with the notorious ransomware group, BlackCat. This affiliation involves Scattered Spider infiltrating corporations and installing BlackCat’s encrypting program, culminating in a sharing of the proceeds post-ransom negotiations.

The hacker group claimed to have taken control of MGM’s Okta authentication servers, thus granting them considerable access within the casino’s networks. Their malicious activities started as early as September 8, according to a public statement issued by BlackCat.

Stories of guests affected by this large-scale cyber attack outline its severe impact on operations. Rachael Hooks, a visitor from the United Kingdom, recalls massive lines, non-functional slot machines, and escalating problems at MGM hotels and casinos throughout her one week stay in Vegas for her wedding.

Despite ongoing efforts to restore services, disruptions persist. MGM recommends guests navigate these circumstances by opting for analogue solutions such as physical key cards for room access and offline bookings. Despite the casino’s claims of functioning ATMs and achievable digital restaurant or show reservations, the reimbursement of slot machine winnings and use of rewards points still remain an issue.

While it’s a simple matter to observe these challenges as short-term difficulties, industry experts suggest these repercussions are far from over. With MGM’s information compromise and prolonged interruptions, cyberattack victims are often left to question the safety of their personal information.

Even in this modern age of heightened cybersecurity, institutions such as casinos may always remain valuable targets for hackers due to the sheer volume of personal and financial data they store. The recent MGM attack yet again highlights the urgent need for a robust data security framework that can protect guest information from falling into the wrong hands.