MGM Resorts Faces $100 Million Loss from Cyberattack
No attachments for this post
MGM Resorts revealed that a cyberattack in September led to the theft of some customers' personal data, a breach expected to cost the company around $100 million. Initially reported on September 11, the attack—later attributed to the ALPHV subgroup Scattered Spider—had caused major disruptions across MGM properties, disabling ATMs, slot machines, and affecting the company's online presence.
Thursday's regulatory filing by MGM disclosed that the attackers accessed details of customers who engaged with the company before March 2019. Data compromised includes names, contact information, birth dates, and driver license numbers. In a few cases, Social Security and passport details were also breached. The total number of affected individuals remains undisclosed, but given MGM's global clientele, it could be substantial.
Despite this breach, MGM believes payment details and passwords remained secure. The incident's financial impact on the third-quarter profit is estimated at about $100 million. Furthermore, MGM has already spent $10 million on incidental expenses such as legal and consulting fees.
The Wall Street Journal reported that MGM chose not to pay the demanded ransom, the amount of which remains undisclosed. Caesars Entertainment, another hotel giant attacked recently (allegedly by the same group), reportedly settled half of the $30 million ransom to prevent the leak of stolen data.
MGM remains optimistic that their cyber insurance will adequately cover the financial consequences of this incident. They also noted no signs that the stolen data has been utilized for fraud or identity theft. No updates or data releases have been identified on the dark web associated with the ALPHV ransomware group.
While MGM assures that the cyberattack's impact is fully neutralized and normal operations have resumed, some services, as noted by users on social media platforms, remain inaccessible. MGM stated that they are diligently working to restore all affected systems within the next few days.
Comments on this post
No comments have been added for this post.
You must be logged in to make a comment.