MGM Continues Working Through Cybersecurity Breach

Author: Sean Chaffin | Fact checker: Tommi Valtonen · Updated: · Ad Disclosure
Ad Disclosure
BonusFinder is an independent online casino comparison website with affiliate links. This means that we may receive compensation if you take up an offer on our list. Our team is dedicated to finding the best bonuses and casinos for you to play safely, and we review every bonus before adding them to our website.

After more than a week of service interruptions, MGM Resorts continued dealing with the results of a major cybersecurity issue as of Monday but reported making progress. That included company websites once again operational to some degree with more features available in the coming days.

“Although the issue is affecting some of the Company’s systems, the vast majority of our property offerings currently remain operational, and we continue to welcome tens of thousands of guests each day,” the company noted. “We are ready to welcome you.”

Cyberattacks Hamper Operations

As the company continues dealing with disruptions in operations from a cyberattack that began on Sept. 10, MGM officials reported progress on a few fronts including property reservations being available.

MGM can also now accept credit card transactions. Properties are accepting hotel reservations through third-party booking sites, although online options through the company’s own websites aren’t available. Regarding the websites, MGM noted several positive steps now allowing guests to:

  • Book dining, bar, lounge, and nightlife reservations.
  • View available shows, concerts, and attractions, and link to ticketing websites.
  • Book services at spas or salons.

Struggles Remain

Despite seeing some of the company’s systems come online, challenges remain for MGM. Some employees reported receiving late paychecks and while slot machine play returned to the casino, some properties were making cash payouts to players.

“Also not working was the MGM Rewards card system that gives points for customer slot play to be redeemed for extra games, food, hotel rooms, merchandise and other amenities,” the Las Vegas Review-Journal reported Saturday. “Some of the machines were taken down because of the staffing it required to pay players by hand, a Bellagio slot supervisor said. A number of machines were closed down at Aria, where players were also being paid out in cash by attendants.”

The company’s email systems remained down through the weekend. The hit to MGM finances could be significant, especially considering challenges faced by slot machine operations. Slots generally account for two-thirds or more of most casinos’ gaming operations.

The Daily Mail reported that the company could be losing as much $8.4 million per day because of the hacks. Equity analyst David Katz estimated a 10-20% reduction on revenue and cash flow during the time that the operations disruptions continue. MGM has apparently asked as many employees as possible to help in properties’ operations.

“Employees at the MGM Grand and Park MGM who did not want to be identified described the past week as rough and an all-hands-on-deck situation,” the Review-Journal noted. “One corporate MGM employee said the company has called everybody in – including those on the corporate level – to help the properties manage customers and guests and assist with slot payouts.”

Caesars Pays Ransom

Dealing with cyberattacks is an increasing concern for gaming companies. Gateway Casinos and Entertainment faced a ransomware attack in mid-April that saw many of the company’s Canadian casinos shut down. Beyond gaming, the company was also forced to reschedule concerts and shut down other entertainment options. Staff members worked around the clock to resolve the issues over two weeks as most employees and guests were shut out.

A ransomware attack seems to be suspected in the MGM attacks with a group known as Scattered Spider is believed to be behind the breach Vox notes that “Scattered Spider specializes in social engineering, where attackers manipulate victims into performing certain actions by impersonating people or organizations the victim has a relationship with. The hackers are said to be especially good at ‘vishing,’ or gaining access to systems through a convincing phone call rather than phishing, which is done through an email.

“In this case, it appears that the hackers found an employee’s information on LinkedIn and impersonated them in a call to MGM’s IT help desk to obtain credentials to access and infect the systems. A subsequent Bloomberg report, citing an executive at cybersecurity company Okta, blamed a successful social engineering attack on the help desk as well. MGM is a client of Okta’s and the company has been assisting MGM in the wake of the attack.”

Last week, Caesars Entertainment offered some information on an attempted attack on its own computer systems this summer. The hackers used a similar method to gain access to Caesars systems.

“After detecting the suspicious activity, we quickly activated our incident response protocols and implemented a series of containment and remediation measures to reinforce the security of our information technology network,” Caesars noted in a Securities and Exchange Commission filing.

Some guests’ driver’s license and social security numbers may have been compromised via its loyalty card program. The company is offering credit monitoring services and identity theft protection to all members. In the end, Caesars paid a $30 million ransom, the Wall Street Journal reported, to get past the issues.

author
Author
iGaming Expert

Sean Chaffin is a longtime freelance writer, editor, and former high school journalism teacher. He's written on numerous poker and igaming publications and has more than 8,000 followers on Twitter under the handle @PokerTraditions.

Author of Raising the Stakes: True Tales of Gambling, Wagering and Poker Faces, Sean is a respected figure in the writing industry. As a testament to this, he's also received Aynesworth Award for investigative magazine journalism in 2017.