MGM Resorts International, a prominent casino and hotel chain, reported experiencing a “cybersecurity issue” affecting its online systems, resulting in disruptions for customers, primarily in Las Vegas. Although specifics on the disruptions were not provided, MGM Resorts stated that it had taken immediate action to protect its systems and data, including shutting down certain systems. The company has notified law enforcement and is actively investigating the nature and scope of the matter.
Some guests complained about problems with slot machines and hotel room access, while the company’s website was also reported to be down. KTNV 13, a TV station in Las Vegas, mentioned that several gambling machines went offline, and guests encountered difficulties charging expenses to their rooms and using digital room keys.
While the exact number of affected individuals remains unknown, MGM Resorts has thousands of hotel rooms in Las Vegas, including well-known properties such as Mandalay Bay, Aria, the Bellagio, and MGM Grand Las Vegas. Cybersecurity experts suggest that the company was likely the victim of a cyberattack perpetrated by an individual or group seeking to exploit vulnerabilities in the company’s network.
Large businesses, including casinos, are common targets for cyberattacks due to their extensive data sets and potential financial gain for attackers. In such attacks, hackers typically steal data for profit or hold it hostage until a ransom is paid. The stolen data may be sold on underground online marketplaces for identity theft purposes.
Recovering from a widespread cybersecurity attack can be a lengthy process, taking months or even years. Recent cyberattacks have affected various industries worldwide, demonstrating the need for robust security measures. In 2019, MGM Resorts experienced a data breach that impacted approximately 10.6 million people.
The incident highlights the constant threats faced by companies, especially those in industries like utilities, hospitals, and casinos, where the consequences of disruptions can have significant reputational and operational impacts. Cybersecurity teams must remain vigilant and adapt to evolving threats as attackers only need to succeed once.