How MGm Resorts lost $100 million as a result of a simple vishing call

Cyberattack on MGM Resorts: A Financial Debacle

MGM Resorts encountered a devastating cyberattack recently, incurring an approximate financial setback of $100 million. Unveiled on September 11, this digital attack led to the temporary shutdown of multiple systems within MGM’s various properties, disrupting operations and inflicting significant monetary losses.

Details of the Attack

The digital onslaught on MGM Resorts wasn’t confined to a single property but spread across its flagship resort and other prestigious properties like Mandalay Bay, Bellagio, The Cosmopolitan, and Aria. The cybercriminals managed to disrupt a range of operations, from the functioning of slot machines and the systems overseeing restaurant management to the technology behind room key cards. Despite the containment efforts by MGM, the attackers successfully exfiltrated a diverse set of customer data, including but not limited to names, addresses, phone numbers, driver’s license numbers, Social Security numbers, and passport details. Fortunately, credit card details remained secure and unaffected.

Economic Fallout

The cyber intrusion had a profound economic impact on MGM Resorts, with losses estimated around $100 million. This financial blow is anticipated to ripple through the earnings of the third and fourth fiscal quarters. However, MGM remains optimistic, projecting a 93% occupancy rate in October and planning for a complete operational recovery in Las Vegas by November. Expenses related to the cyberattack, including consultancy fees, legal services, and other related costs, amounted to less than $10 million.

Compromise of Customer Data

A vast array of customer data, from Social Security numbers to passport details, was pilfered during the cyber attack. The total count of individuals affected by this breach remains uncertain as MGM has not issued any comments on this matter. Proactive measures have been initiated by MGM Resorts to assist the victims of this data breach, including the establishment of dedicated phone lines and informational websites. The company also intends to reach out to the affected individuals via email, extending offers for identity protection services.

Identity of the Attackers

Initially, the cyberattack was attributed to hackers affiliated with a group known as Scattered Spider. This group later joined forces with a Russian ransomware collective known as Black Cat/AlphV. Scattered Spider has a notorious reputation, being implicated in several major cyberattacks over the past year, targeting entities like Reddit, Riot Games, Coinbase, and even another major player in the casino industry, Caesars Entertainment.

Recovery and Response

In response to the cyberattack, MGM Resorts took immediate action by shutting down all its systems to thwart further unauthorized access to customer data. Since these initial countermeasures, the company’s domestic properties have seen a return to normalcy in operations, with the majority of systems that interact with guests being restored. Efforts are ongoing to bring the remaining affected systems back online, with full restoration anticipated in the near future.

Conclusion and Future Implications

The cyberattack experienced by MGM Resorts highlights the substantial risks and potential financial damages associated with digital security breaches in the hospitality sector. With the compromise of sensitive customer information and the incurrence of hefty financial losses, this incident serves as a stark reminder for all businesses in the industry to bolster their cybersecurity infrastructure to safeguard against future digital threats. The episode underscores the imperative for continuous investments in state-of-the-art cybersecurity mechanisms and protocols to preemptively mitigate the risks of future cyber-attacks and protect sensitive customer data.