MGM Resorts International is grappling with the aftermath of a cyberattack that disrupted its operations, impacting bustling Las Vegas properties such as the Bellagio and MGM Grand, ABC News reported.
“We continue to work diligently to resolve our cybersecurity issues while addressing individual guest needs promptly,” MGM Resorts said in a statement Thursday, per ABC.
Last weekend, MGM Resorts fell victim to hackers on Sunday morning, which led to a range of disruptions including the inaccessibility of doors at the company’s casinos and hotels, non-functional slot and ATM machines, malfunctioning elevators, and lengthy guest check-in delays.
The FBI has initiated an investigation into the attack and has maintained communication with the company since the incident’s occurrence. The Cybersecurity and Infrastructure Security Agency (CISA), a part of the U.S. Department of Homeland Security, also announced its engagement with MGM Resorts to assess the impacts of the recent cyber incident and offer any necessary assistance.
Reports from VX-Underground, a research group specializing in malware, posted on X that it believes the ransomware group “ALPHV,” also known as Black Cat, may be responsible for the MGM cyberattack. However, it has not been officially confirmed by authorities.
All ALPHV ransomware group did to compromise MGM Resorts was hop on LinkedIn, find an employee, then call the Help Desk.
A company valued at $33,900,000,000 was defeated by a 10-minute conversation.
— vx-underground (@vxunderground) September 13, 2023
MGM said it “took prompt action” to protect its data following the attack on Sunday, “including shutting down certain systems,” per ABC.
Caesars Paid Hackers ‘Tens of Millions’
In a parallel development, another major resort operator in Las Vegas, Caesars Entertainment, has acknowledged falling victim to a cyberattack in recent weeks.
The hotel paid a substantial sum, estimated to be “tens of millions of dollars,” to hackers who breached their systems in late August and threatened to expose the company’s data, Bloomberg reported on Wednesday. The hacking group responsible for the attack is known as Scattered Spider or UNC 3944, known for their social engineering skills.
The hackers initially compromised an external IT vendor before accessing Caesars’ network wherein they then stole data stolen Caesars system including driver’s licenses and social security numbers of loyalty members.
“We have taken steps to ensure that the stolen data is deleted by the unauthorized actor, although we cannot guarantee this result,” Caesars said in a regulatory filing following initial reports by Bloomberg.