Vegas casinos are still reeling from a massive cyberattack
Some of the biggest hotels on the Las Vegas strip have been hobbled for five days now, following a cyberattack on MGM Resorts that has inconvenienced travelers and ramped up the day-to-day stresses of hotel employees. And, for now at least, there’s no apparent end in sight.
Lines to check into rooms at casinos ranging from the Excalibur to Aria were sometimes hours long, as reservations systems remained down most of the week (and are still slow). Guests have not been able to use digital keys to their rooms nor charge meals to their account. Many slot machines have been nonfunctional as well, and mobile check-in is not currently being offered.
Thousands of guests were inconvenienced, including Federal Trade Commission Chair Lina Khan, who, on Tuesday, was asked to write down her credit card information on a piece of paper when she finally got to the check-in desk. Amy Poehler and Maya Rudolph were also impacted by the hacks, commemorating the occasion by posting a TikTok together.
MGM did not respond to Fast Company’s request for comment, but in a social media post Thursday, the company said, “We continue to work diligently to resolve our cybersecurity issue while addressing individual guest needs promptly.” All shows are proceeding as scheduled, the company said, and the investigation as to how much guest information might have been taken is “ongoing.”
The MGM ransomware attack followed a similar one on Caesars Entertainment last month, which the company has acknowledged in a filing with the Securities and Exchange Commission (SEC). Caesars, however, reportedly paid the ransom, tens of millions of dollars, and has not had any outages.
Customer data was taken from that casino, however. Caesars told the SEC it had “determined that the unauthorized actor acquired a copy of, among other data, our loyalty program database, which includes driver’s license numbers and/or social security numbers for a significant number of members in the database. We are still investigating the extent of any additional personal or otherwise sensitive information contained in the files acquired by the unauthorized actor. . . . We have taken steps to ensure that the stolen data is deleted by the unauthorized actor, although we cannot guarantee this result.“
A hacker group that calls itself AlphaV has claimed responsibility for the attack on MGM. In a lengthy statement on X, it said, “We still continue to have access to some of MGM’s infrastructure. If a deal is not reached, we shall carry out additional attacks.” The alleged hackers said they have attempted to reach out to the casino gaming company, but have not received a reply so far.
“Network has been infiltrated since [last] Friday,” the statement added. “MGM made the hasty decision to shut down each and every one of their OKTA sync servers after learning that we had been lurking. . . . We successfully launched ransomware attacks against more than 100 ESXi hypervisors [operating systems].”
A post on X by the malware archive vx-underground claims the compromise was done via social engineering tactics, gaining trust from an employee, which let them burrow into the system.
“All ALPHV ransomware group did to compromise MGM Resorts was hop on LinkedIn, find an employee, then call the Help Desk,” the post reads. “A company valued at $33,900,000,000 was defeated by a 10-minute conversation.”
The veracity of that claim could not be verified, however.
MGM operates a worldwide network of casinos, including the MGM Grand, Bellagio, Cosmopolitan, Aria, New York-New York, Park MGM, Excalibur, Luxor, Mandalay Bay, and Delano.
(17)