Ransom Group Issues Statement Claiming MGM Has Yet to Pay Up: Alludes to Insider Trading

MGM has been under a massive cyber attack all week with no let up in sight.  The attack has affected room key access, slot machines and ATMs, among other things.  The biggest issue may come later as there are concerns customer data may have been breached.

The ALPHV ransomware reportedly used social engineering tactics to hack the international hotel chain.

Late afternoon Thursday, Vegas Confidential tweeted:

"ALPHV, the ransomware group suspected of hacking MGM Resorts, just posted a statement about the cyberattack. It appears MGM has not paid the ransom, despite rumors to the contrary."

ALPHV issued the below statement:

"We believe MGM will not agree to a deal with us.  Simply observe their insider trading behavior.  You believe this company is concerned with your privacy and well-being while visiting one of their resorts? 

"We are not sure about anyone else, but it is evident from this that no insiders have purchased any stock in the past 12 months, while 7 insiders have sold shares for a combined 33 million dollars. This corporation is riddled with greed, incompetence and corruption."

Reports have surfaced in recent weeks that the feds are currently investigating both current and former executives of MGM for allegedly using company assets to pay off debts to a California bookie.

Scattered Spider was cited as being behind the MGM hack but experts believe they may have worked with ALPHV in doing so.

Hackers claim it only took a 10-minute phone call to shut down MGM Resorts through a social media engineering scheme.

"All ALPHV ransomware group did to compromise MGM Resorts was hop on LinkedIn, find an employee, then call the Help Desk," the organization wrote in a post on X. Those details came from ALPHV, but have not been independently confirmed by security researchers.

Caesars confirmed on Thursday they too had been hacked last week but claimed to pay half of the demanded ransom.  They also warned of a potential breach of customer data.

By Thursday MGM began suggesting this week's disruptions may have been brought on by the gaming firm shutting down extensive critical infrastructure in an effort to prevent the hacking group from gaining further entry into their systems.  MGM also claimed "nothing to see here" Tuesday night despite ongoing issues.  Thus it is not immediately clear if the company is being entirely forthright. 

Moody's has warned the ongoing attack could affect MGM's credit rating.

This would not be the first time MGM suffered bad press.  On October 1, 2017, Stephen Paddock, a 64-year-old man from Mesquite, Nevada, opened fire on the crowd attending the Route 91 Harvest music festival from his 32nd-floor suites in the Mandalay Bay hotel, an MGM property.

- Jagajeet Chiba, Gambling911.com