In mid-September, a major cyber-attack hit MGM Resorts International in the U.S., jeopardizing the gaming giant’s operations. The US authorities immediately launched an investigation into the intrusion.
Cyber attacks are a scourge that does not spare large corporations. MGM Resorts International was targeted on September 7, 2023 by a group of hackers called Scattered Spider. MGM Resorts, which operates over 30 hotels and gaming venues worldwide, has annual sales of $14 billion.
Scattered Spider managed to paralyze several MGM systems, causing considerable disruption to its operations. Slot machines and other systems remained out of service in the company’s establishments, notably in Las Vegas.
The FBI said on Wednesday September 13 that it was investigating the incident, but gave no further details.
Another casino operator, Caesars Entertainment, was also targeted. However, it paid a ransom to avoid the disclosure of its data.
Hacker groups
The Scattered Spider group, also known as UNC3944, is renowned for its use of social engineering, tricking users into divulging their credentials and passwords to bypass multi-factor authentication.
It is “one of the most prevalent and aggressive threat actors impacting organizations in the U.S. today,” said Charles Carmakal, CTO at Mandiant Intelligence in a LinkedIn post, following reports of the MGM breach.
“While the group’s members are less experienced and younger than many multi-faceted extortion/ransomware groups and nation-state espionage actors, they pose a serious threat to large organizations in the United States.”
Another hacker group called AlphV claimed to be involved in the attack. According to Reuters sources, AlphV worked with Scattered Spider to break into MGM’s systems and steal data for extortion.
Six terabytes of data breached
On Thursday September 14, Scattered Spider announced that it had extracted six terabytes of data from the systems of powerful casino operators MGM Resorts International and Caesars Entertainment. Both companies are themselves investigating the intrusions.
The private data of customers who used MGM services before March 2019, including contact details, gender, date of birth and driver’s license numbers, was breached, the company said. MGM said the hackers had not obtained any bank account numbers or payment card information from its customers, and that no data from its luxury hotel, the Cosmopolitan of Las Vegas, had been breached.
In a communication to Reuters via the Telegram messaging platform, a Scattered Spider representative said they had no intention of making the data public and declined to reveal whether they had demanded a ransom from the companies. “If MGM wishes to disclose this information, they will. We don’t,” said a spokesman for Scattered Spider. It was a cybersecurity expert running an online repository of malware samples called “vx-underground”, who chose to remain anonymous, who put Reuters in touch with this Scattered Spider contact.
Financial repercussions
To continue reading this article, subscribe or log in to your account
Discover our plans
- Every day, keep up to date with the latest business news from the world of luxury.
- Receive the essential luxury business news by email every week
- Access all our events
- The Luxury Journals and Luxus Magazine in print and digital versions
Subscribe for 1€
Become an active member of the community of luxury leaders.
Read also>BACCARAT VICTIM OF CYBER ATTACK
Featured photo : ©MGM Resorts
