MGM Response to Security Breach is Outrageous: Apparent Origin of Attack a Head Scratcher

Written by:
Jagajeet Chiba
Published on:
Sep/13/2023

If you are planning on heading to Las Vegas in the coming days and have reservations at one of the MGM properties, you may want to reconsider and book elsewhere.

ads-life-300x250-1.gif

The gaming operator has been under a massive cyber attack since Sunday with little sign of letting up. 

Gambling911.com reported Tuesday on social media postings that showed huge check-in lines at the Bellagio as all room keys are reportedly being issued manually.

Though the typical hotel reservations allow for cancellations within 24 to 48 hours, it's been close to impossible to reach the MGM call center in order to change or cancel reservations.  Their websites remained offline as of Wednesday morning.

The cyber attack, confirmed by the FBI, has thus far affected critical parts of its business that includes websites of all 31 MGM resorts.  The company earlier claimed it had taken the sites offline as a precaution.  A dozen mobile rewards app, online bookings and in-casino services such as ATMs, slot machines and card payment machines have also been impacted.  Cyber experts now suggest ransomware is behind the attack.

Even more alarming is that the company insisted Monday evening via a statement that operations were back to normal.  They are not.  The issue could even affect Friday's employee payroll. 

Info Security's Kevin Poireault notes that MGM has a history of security-related issues.

Zane Bond, head of product at Keeper Security, explained to Infosecurity: “Casinos and hotels collect a wide range of sensitive information about their guests, from credit card information to PII, all while transacting enormous sums of money.”

“Think of all of the software that runs modern gaming systems, like slot machines. Casinos aren't just gaming companies anymore; they're software developers and these systems are some of the most advanced and connected in the world. The technology in gambling is astounding,” he said.

According to Brad Freeman, director of technology at SenseOn, the event also highlighted the security shortcomings of MGM.  There remains concerns that the last few days disruptions may just be the tip of the iceberg. 

"If data has been taken we will know about it soon due to Nevada's data breach reporting laws," he tells Info Security.

In November of last year, the company's mobile sports betting site BetMGM also suffered a massive customer data breach that was only reported a few months later.

The cyber attack also comes at a time when reports are surfacing of an FBI probe of certain executives allegedly providing confidential customer data to help pay off debts to an illegal California bookmaking business.

While it is understandable MGM doesn't want to show all its cards, the company has done little to alleviate current and future guests concerns.  Instead of issuing statements assuring how the MGM dining experience remains "amazing", they should focus more on assuring those who wish to cancel upcoming reservations they can do so without penalty.

Much of the info coming out about this matter is via first hand social media accounts.

Carin tweeted:

The origin of this attack may prove to be even more disturbing.

vx-underground, with over 228.9K followers on Twitter, provides what it says to be the "largest collection of malware source code, samples, and papers on the internet.

Here is how they say this all went down:

"All ALPHV ransomware group did to compromise MGM Resorts was hop on LinkedIn, find an employee, then call the Help Desk. A company valued at $33,900,000,000 was defeated by a 10-minute conversation."

- Jagajeet Chiba, Gambling911.com

Gambling News

Giants Agree to Cut Jones

Giants Agree to Cut Jones

Tommy DeVito will make his first start of the season Sunday against the Tampa Bay Buccaneers. DeVito won three games as a starter in 2023.  The line has remained at +5.5.

Syndicate