MGM Resorts Cyberattack Cost Operator $100M, Other Updates from CEO

Spread the Word:

Last month’s widely reported cyberattack on MGM Resorts International, one of the world’s largest gambling firms, resulted in a $100 million hit to its third quarter results, the operator said last week in a regulatory update. Additionally, dealing with the immediate consequences of the cyberattack cost it a one-time outlay of around $10 million in the same quarter.

The company shut down its systems after detecting the attack to contain the damage, and has been working diligently to restore its systems since then. However it has acknowledged that private data of customers who used MGM services before March 2019, including contact information, gender, date of birth, and driver’s license numbers, were obtained by hackers.

MGM asserts that there is no evidence that the data has been used to commit identity theft or account fraud. However, in a letter sent to employees late last week, company CEO Bill Hornbuckle told staff that some passwords were compromised.

“Some employees usernames and passwords to MGM systems were obtained by criminal actors, and as a result, all employee passwords will be reset,” the letter said.

Navigating Repercussions

The immediate consequences of the attack were extreme, with nearly all of MGM’s famous Nevada casino venues seeing huge disruption in all areas. The operator claimed the end of the attack after 10 days. But the long-term outcome for MGM and Caesars is not entirely clear yet.

“The full scope of the costs and related impacts of this issue has not been determined,” MGM said last week in the regulatory filing.

Social media posts and claims have continued to circulate alleging unauthorized access and theft from BetMGM accounts up to late last week, with some users asserting that their accounts were accessed and funds were removed to an unknown Visa card.

MGM denies these rumors. “We have no evidence that criminal actors have used this data to commit identity theft or account fraud,” said the letter from Hornbuckle.

In the legal arena, up to nine lawsuits are already filed by customers of MGM and Caesars. The claims and lawsuits, whether valid or opportunistic, underscore the multifaceted challenges organizations face in the wake of a cyberattack, navigating not only the operational and financial fallout, but also managing reputational damage and legal entanglements.

To Pay or Not to Pay

MGM refused to pay the attackers demands, adhering to the FBI’s guidelines of non-negotiation with ransomware attackers.

The FBI maintains that paying a ransom doesn’t guarantee the retrieval of data, and further incentivizes perpetrators to target more victims. This decision contrasts with the approach taken by Caesars Entertainment just weeks earlier, where it opted to pay $15 million to the same hacking group to mitigate operational chaos.

The hacking groups, known as Stalking Spider and ALPH-V, allegedly used social engineering techniques to aid their efforts. That included telephone calls and other interactions with staff at the casino operators, allowing the attackers easier access to company systems.

MGM says that, overall, it expects a $100 million hit to revenues and around $10 million in expenditure on responding to the attack.

Hornbuckle said the company was “well-positioned” for a strong finish to 2023 in Q4. The return of the Formula One Las Vegas Grand Prix in November is expected to be one of the biggest weekends ever for Sin City’s casinos, a dozen of which are owned and/or operated by MGM.

Related News

March 5, 2024

Resorts World New York Plans $5B Casino Expansion

In the race for the upcoming three downstate New York casino licenses, operators are pulling out the stops to gain approval with locals. Resorts World New York, an existing horse […]

March 4, 2024

Wynn Resorts Sues Fontainebleau Las Vegas Over Alleged Staff Poaching

Wynn Las Vegas is going forward with a lawsuit against rival Sin City luxury resort Fontainebleau Las Vegas, court filings released this week reveal. The two Nevada casinos are in […]

March 1, 2024

Caleb Willams is an NFL Draft Prospect Unlike Any Other

There is a lot to love about Caleb Williams as the future of your NFL franchise. He played college football in the spotlight of Los Angeles at USC. He won […]

February 23, 2024

Wynn Resorts, Related Companies Release New York Casino Proposal Details

$12 billion. That’s the biggest price tag of any of the New York casino proposals detailed so far in the competitive race for three upcoming downstate casino licenses. Developer Related […]

Stay Ahead of the Game

Are you ready to take your online gambling experience to the next level? Sign up for the LetsGambleUSA newsletter and get the latest news, exclusive offers, and expert tips delivered straight to your inbox.