MGM Resorts Cyberattack Disruption Mostly Fixed, Claims Operator

MGM Resorts International, the largest U.S. gambling operator, has announced the restoration of most of its casino resort services across the country following last week’s cyberattack.

The attack, which was fully revealed on Monday, September 11, impacted almost all of the operator’s systems, causing disruptions in services across its U.S casino resorts.

A dozen of the operator’s Nevada casino venues on the famous Las Vegas Strip were affected, including the MGM Grand (pictured), Mandalay Bay, Aria, Luxor and the Bellagio. Maryland casino venue MGM National Harbor and MGM Springfield, Massachusetts, were also disrupted.

The cybersecurity breach saw payment processing, electronic room keys, bookings, slot machines, and other operations break down or go completely offline.

However, MGM says now that the majority of its operations are back to normal. That’s nine days after the attack began, during which the operator was losing millions a day.

“Our resort services, dining, entertainment, pools, and spas are operating normally and welcoming thousands of guests each day. Our gaming floors, including slots, table games, and poker rooms are open,” MGM said in a statement on X.

Ransom Payment Unclear

The cybersecurity attack was believed to have been orchestrated by a group named ALPHV, which utilized ransomware.

It seems MGM did not pay the ransom demand, leading to the nine-day disruption. However, it then emerged that fellow Las Vegas Strip operator Caesars Entertainment had also been a victim of a cyberattack two weeks earlier – but it allegedly paid the ransom money and was not disrupted in the same way as MGM.

Despite having most operations restored for now, reports suggest that online room reservations and check-in are still not available at several MGM properties. That has been causing lengthy queues and frustration for some customers.

It is unclear at this time whether MGM partly resolved the security breaches internally, or if it has paid any or all of the ransom. The current intermittent services suggest the former, but there has been no official word as of yet.

In typical Sin City fashion, famous gentlemen’s club Larry Flynt’s Hustler Club Las Vegas stepped in for some publicity during the chaos. The off-Strip strip joint offered a free lap dance and transportation package to Las Vegas visitors of 21 and older who could prove they were inconvenienced by the cyber disruption.

U.S Gambling Operators a Target

This is not the first time U.S. gambling operators have been hit by tech-wielding criminals in 2023.

Earlier in September, Stake.com saw $40 million worth of various cryptos stolen after being hacked by a North Korean state-sponsored cybercrime unit.

In July, crypto payment platform Alphapo, which processed payments for offshore sportsbooks like Bovada and Ignition, was the victim of a $30 million hacking theft.

Also in July, a report from cybersecurity firm CloudFlare said that American gambling operations are the second top target for Distributed Denial of Service (or DDoS) attacks globally, the first being the cryptocurrency sector.

Over the years, physical scammers have also targeted Tribal casinos and Las Vegas venues using voice changing and phone call spoofing tech. Circa Hotel & Casino was hit for a $1.1 million scam in June, when a man impersonating the casino’s owner convinced cage staff to hand over bags full of cash.