In September [2] [5] [6] [7] [8], two major casino companies, MGM Resorts International and Caesars Entertainment, experienced cyberattacks. This article provides a detailed description of the attacks and their consequences.

Description

MGM Resorts International’s systems were shut down in a ransomware attack by the ALPHV subgroup Scattered Spider. This resulted in the shutdown of systems at several hotels and casinos [4], causing delays for guests checking in [4]. Most systems have since been restored [3].

Customer data that was stolen includes names [4], contact information [1] [4] [5] [6] [7] [8], dates of birth [1] [4] [5], driver’s license numbers [1] [3] [4] [5], and a limited number of Social Security numbers [1] [3] [4] [5] [7] and passport numbers [1] [4] [5]. However, passwords [4], bank account numbers [4] [6] [7], and payment card details were not compromised [4] [6] [7]. The stolen data belongs to customers who did business with MGM prior to March 2019.

MGM expects the breach to have a negative impact on its third-quarter financial results [7], with estimated costs exceeding $100 million. It also anticipates incurring less than $10 million in one-time expenses for legal fees and technology consulting [7]. However, MGM remains optimistic about a strong fourth quarter and does not anticipate any impact on its full-year results. The company is confident that its cyber insurance policy will cover the financial impact of the attack, although the full extent of the costs is still being determined.

The company is notifying affected customers and offering free credit monitoring and identity theft protection services [4]. The FBI is currently investigating the breach [1], and there is no evidence at this time that the stolen data has been used for identity theft or account fraud [5]. This incident highlights the importance of not paying ransoms to cybercriminals [2], as payment does not guarantee the return of systems and data and only supports the ransomware ecosystem [2].

Caesars Entertainment also reported a cyberattack to the Securities and Exchange Commission (SEC) [8], but its casino and online operations were not disrupted [8]. The company could not guarantee the security of personal information for millions of customers following a data breach on September 7 [8]. It is unclear if a ransom was paid or who was responsible for the attack [8]. A group called Scattered Spider [8], believed to be part of a Russia-based operation called ALPHV or BlackCat [8], claimed responsibility [8]. Caesars [2] [7] [8], the largest casino owner in the world [8], has offered credit monitoring and identity theft protection to loyalty program customers [8]. The FBI is also investigating this incident [8].

Conclusion

The cyberattacks on MGM Resorts International and Caesars Entertainment have had significant consequences. MGM expects the breach to negatively impact its third-quarter financial results [7], with estimated costs exceeding $100 million. However, the company remains optimistic about a strong fourth quarter and does not anticipate any impact on its full-year results. Both companies are taking steps to mitigate the effects of the attacks, including notifying affected customers and offering credit monitoring and identity theft protection services [4]. The FBI is actively investigating both incidents [8]. These attacks highlight the importance of not paying ransoms to cybercriminals [2], as payment does not guarantee the return of systems and data and only supports the ransomware ecosystem [2]. Moving forward [2], it is crucial for companies to prioritize cybersecurity measures to prevent future attacks and protect customer data.

References

[1] https://www.cnn.com/2023/10/05/business/mgm-100-million-hit-data-breach/index.html
[2] https://www.darkreading.com/attacks-breaches/too-rich-to-ransomware-mgm-brushes-off-100m-in-losses-
[3] https://www.nbcnews.com/business/business-news/cyberattack-cost-mgm-resorts-100-million-las-vegas-company-says-rcna119138
[4] https://www.theverge.com/2023/10/7/23907776/mgm-refused-pay-customer-data-stolen-cyberattack-ransom
[5] https://techcrunch.com/2023/10/06/mgm-resorts-admits-hackers-stole-customers-personal-data-cyberattack/
[6] https://duo.com/decipher/mgm-resorts-details-compromised-data-financial-hit-after-cyberattack
[7] https://apnews.com/article/mgm-cyberattack-las-vegas-100-million-clorox-087726961b5366065b6231d1d223b4eb
[8] https://www.theday.com/business/20230914/casino-giant-caesars-entertainment-reports-cyberattack-mgm-resorts-says-some-systems-still-down/