MGM Resorts Cyberattack Reportedly Costing Casino $100 Million

The cyberattack that took place in September 2023 in multiple states has reportedly cost the attacked establishments millions of dollars.

One America News (OAN) reported that MGM Resorts announced the recent cyberattack will cost the casino giant over $100 million, as seen in a regulatory filing to the U.S. Securities and Exchange Commission (SEC).

The cyberattack, which occurred on Sept. 10, 2023, forced MGM Resorts to shut down their casino and hotel computer systems at properties across the U.S. to protect their data, according to OAN.

The casino titan said reservations and casino floors at their properties were affected. Customers posted images on social media showing slot machines with error messages and queues at hotels at MGM Resorts’ Las Vegas property.
MGM Resorts announced the end of the cyberattack on Sept. 20, 2023, marking a 10-day shutdown.

“While we experienced disruptions at some of our properties, operations at our affected properties have returned to normal, and the vast majority of our systems have been restored,” MGM CEO Bill Hornbuckle said in a letter to customers. “We also believe that this attack is contained.”

The hackers responsible for the cyberattack are said to have been a group called AlphV, Reuters reported. AlphV reportedly worked with another hacking group called Scattered Spider to infiltrate MGM’s systems.

In the 10-day cyberattack that crippled MGM Resorts, the casino titan refused to pay hackers’ ransom demands, sources told The Wall Street Journal.

The hackers were able to obtain access to names, phone numbers, addresses, dates of birth and driver’s license numbers of customers who conducted business with MGM dating back to March 2019, Hornbuckle’s letter states, as reported by the New York Post.

“The types of impacted information varied by individual. We also believe a more limited number of Social Security numbers and passport numbers were obtained. We have no evidence that the criminal actors have used this data to commit identity theft or account fraud,” Hornbuckle wrote.

Hornbuckle added that MGM is now increasing its Information Technology (IT) capacity to help limit and protect against any future cyberattacks.

“We will offer free identity protection and credit monitoring services to individuals who receive an email from us indicating that their information was impacted,” he said.