Caesars Entertainment Hacked Weeks Before MGM Breach, Allegedly Paid $30M Ransom

Spread the Word:

Caesars Entertainment reportedly paid a hefty ransom to hackers to prevent a data breach just weeks before the recent and ongoing cyberattack against MGM Resorts International.

The news that two of the biggest Nevada casino operators, and two of the largest U.S. hospitality operators in general, have been the victims of sophisticated cyber criminals over the space of a month is certainly concerning for the industry.

Caesars Entertainment, operator of Caesars Palace (pictured), Harrah’s, and many other U.S. casinos, found itself in the crosshairs of cybercriminals at the end of August.

According to insider sources spoken to by Bloomberg and The Wall Street Journal, the company paid tens of millions of dollars to hackers who had infiltrated their systems and threatened to release sensitive company data.

The exact amount remains a topic of debate, with some sources suggesting that Caesars paid roughly half of the $30 million initially demanded by the hackers. This move was made to ensure the safety of their data, end the disruption as quickly as possible, and keep the news quiet to avoid a PR disaster.

MGM Resorts in Turmoil

By paying the hackers ransom, Caesars managed to sidestep a major crisis without much press coverage at the time. However, MGM Resorts hasn’t been as fortunate.

The biggest U.S. gambling operator has been grappling with a significant cyberattack, with many of its systems, including credit card transactions, digital hotel room keys, slot machines, and sports betting kiosks being affected.

The ransomware gang, ALPHV/BlackCat, has claimed responsibility for the MGM Resorts hack. It has also targeted several other institutions, including universities and businesses.

Despite MGM claiming on social media that everything is back to fully operational, a simple scroll down through the comments shows that many guest are still experience problems with various services.

The Hackers Behind the Attacks

The hacking group known as Scattered Spider was reportedly responsible for the cyberattack on Caesars. It may have also been involved with the MGM hack, alongside a group called ALPHV/BlackCat.

In some cases, these cybercriminals gain access to internal systems through social engineering, a method where they actually talk to and manipulate companies’ employees into letting them access networks.  

According to malware resource site VX-Underground, a similar technique was used in the MGM hack.

While paying off hackers might not be seen as the “right” thing to do from an ethical standpoint, it can sometimes be the most pragmatic course of action from a business perspective.

MGM’s stock has fallen by about 1.2% since the news broke, and New York-based credit agency Moody’s has said the operator’s credit could be affected. “A credit negative event,” one analyst called it.

Meanwhile Caesars stock also fell as this week’s news broke. But it rebounded quickly.

The Aftermath and Future Implications

These two hacks have not been the only cybercrimes to rock the gambling world in recent weeks. Last week, cryptocurrency offshore casino was hit by a $40 million hack, which the FBI says was most likely perpetrated by a North Korean state-sponsored group.

These recent cyberattacks on these casino giants underscore the growing threat of digital extortion in the modern age. Companies, even multi billion international operators like MGM, must take appropriate steps to avoid its systems being compromised by bad actors.

While Caesars Entertainment might have avoided a major crisis, the incidents show there is no real good way out for operators after being hacked. The only good strategy is prevention.

In the wake of these events, Caesars Entertainment is expected to make an official disclosure to the Securities and Exchange Commission (SEC) on the details of the hack. This follows recent SEC rule changes that now mandate public companies to report cyberattacks or ransoms paid to hackers.

As for MGM Resorts, the company continues its efforts to mitigate the effects of the cyberattack and restore its systems to full functionality.

Related News

March 3, 2024

Caesars Opens North Carolina Online Sports Betting

Eight North Carolina online sports betting operators are getting ready to launch on March 11. But one sportsbook has been able to jump the gun and make a limited launch […]

February 22, 2024

Caesars Inks WynnBET and Evolution Online Casino Deals

Caesars Digital, the online gambling arm of Nevada-based Caesars Entertainment, has signed two partnerships this week to expand its brand. The two deals will enhance its live dealer casino offering […]

February 16, 2024

Wyoming Online Casino Bill Dead Before House Introduction

A bill aiming to introduce online casinos in Wyoming failed to pass the vote for a Senate discussion this week. HB120 was sponsored by Robert Davis (R-47). In a Thursday […]

February 15, 2024

Penn Entertainment Made Q4 2023 Loss, Earnings Report Reveals

To the surprise of few in the U.S. gambling business, Penn Entertainment’s Q4 2023 reports, published this week, reveal the operator made a loss after launching ESPN Bet in November […]

Stay Ahead of the Game

Are you ready to take your online gambling experience to the next level? Sign up for the LetsGambleUSA newsletter and get the latest news, exclusive offers, and expert tips delivered straight to your inbox.