ShareMGM Resorts International has fallen victim to a cybersecurity attack that disrupted operations across various properties. The attack has affected systems including ATMs, slot machines, and even room keys, leaving thousands of guests unable to return to their suites.
Investigation Underway
On the evening of September 10, 2023, MGM Resorts identified a cybersecurity issue affecting some of its systems. Disgruntled guests had already started to post images of slot machines with out-of-service screens on social media and then it became clear that they were unable to return to their rooms.
The morning after, MGM Resorts issued a statement confirming the attack and writing that an investigation is already underway with leading experts in the field of cybersecurity.
“MGM Resorts recently identified a cybersecurity issue affecting some of the Company’s systems. Promptly after detecting the issue, we quickly began an investigation with assistance from leading external cybersecurity experts.”
Specifics of the attack have yet to be made public and we don’t know if a ransom demand has been issued. If a ransom is paid, or even demanded, exchange-listed companies are bound by SEC regulations to disclose this information publicly.
At the time of writing, MGM Resorts is yet to confirm or deny that this is a ransomware attack. However, it has been made public that the FBI ้has been working closely with MGM since Sunday morning.
Adam Stone from ABC News reported:
“FBI is now working with MGM on its cybersecurity incident that is impacting operations at MGM Resorts. Guests report great impacts to operations. FBI has been in contact with MGM, we are told since Sunday morning. Investigation into the cyber incident is underway.”
MGM Resorts has been the victim of a cybersecurity attack before. In 2019, the information of 142 million guests was put up for sale on the dark web for a paltry $2,900. In 2020, MGM admitted that the attack had taken place, confirming that a Russia-based group was responsible.
While names, telephone numbers, and birthdates were stolen, fortunately the attack did not include seizing sensitive financial, credit and debit card, or password information.
