/

MGM Resorts Data Breach: What & How It Happened?

MGM Resorts Data Breach: What & How It Happened?

Twingate Team

Jun 28, 2024

In September 2023, MGM Resorts International encountered a data breach involving unauthorized access to customer information. This incident affected multiple properties and led to operational disruptions. It followed a previous breach in July 2019, which also involved the compromise of guest information.

How many accounts were compromised?

The breach impacted data related to up to 200 million hotel guests.

What data was leaked?

The data exposed in the breach included names, contact information, gender, date of birth, driver's license numbers, Social Security numbers (for a limited number of customers), passport numbers (for a limited number of customers), and military identification numbers (for certain guests).

How was MGM Resorts hacked?

The hacking group Scattered Spider, a subgroup of the ALPHV ransomware gang, claimed responsibility for the breach. They used fraudulent phone calls (vishing) to employees and help desks to phish for login credentials, which were then used to access MGM Resorts' network and deploy their ransomware. The specific methods used to remove the malware and secure the systems remain unclear.

MGM Resorts's solution

In response to the hack, MGM Resorts took several measures to secure its platform and prevent future incidents. This included shutting down certain systems, implementing additional safeguards, and launching an investigation with the assistance of leading cybersecurity experts and law enforcement. MGM Resorts also notified affected customers by email and arranged to provide them with credit monitoring and identity protection services at no cost. The specific methods used to remove the malware and backdoors remain unclear.

How do I know if I was affected?

MGM Resorts notified customers believed to be affected by the breach. If you're an MGM Resorts customer and haven't received a notification, you may visit HaveIBeenPwned to check your credentials.

What should affected users do?

In general, affected users should:

  • Change Your Passwords: Immediately update your passwords for all accounts that may have been affected. Make sure the new passwords are strong and unique, not previously used on any other platform.

  • Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

  • Enable Two-Factor Authentication (2FA): Activate 2FA on your accounts whenever possible. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.

  • Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity and report it immediately to the respective platform or service provider.

For more specific help and instructions related to MGM Resorts's data breach, please contact MGM Resorts's support directly.

Where can I go to learn more?

If you want to find more information on the MGM Resorts data breach, check out the following news articles:

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

/

MGM Resorts Data Breach: What & How It Happened?

MGM Resorts Data Breach: What & How It Happened?

Twingate Team

Jun 28, 2024

In September 2023, MGM Resorts International encountered a data breach involving unauthorized access to customer information. This incident affected multiple properties and led to operational disruptions. It followed a previous breach in July 2019, which also involved the compromise of guest information.

How many accounts were compromised?

The breach impacted data related to up to 200 million hotel guests.

What data was leaked?

The data exposed in the breach included names, contact information, gender, date of birth, driver's license numbers, Social Security numbers (for a limited number of customers), passport numbers (for a limited number of customers), and military identification numbers (for certain guests).

How was MGM Resorts hacked?

The hacking group Scattered Spider, a subgroup of the ALPHV ransomware gang, claimed responsibility for the breach. They used fraudulent phone calls (vishing) to employees and help desks to phish for login credentials, which were then used to access MGM Resorts' network and deploy their ransomware. The specific methods used to remove the malware and secure the systems remain unclear.

MGM Resorts's solution

In response to the hack, MGM Resorts took several measures to secure its platform and prevent future incidents. This included shutting down certain systems, implementing additional safeguards, and launching an investigation with the assistance of leading cybersecurity experts and law enforcement. MGM Resorts also notified affected customers by email and arranged to provide them with credit monitoring and identity protection services at no cost. The specific methods used to remove the malware and backdoors remain unclear.

How do I know if I was affected?

MGM Resorts notified customers believed to be affected by the breach. If you're an MGM Resorts customer and haven't received a notification, you may visit HaveIBeenPwned to check your credentials.

What should affected users do?

In general, affected users should:

  • Change Your Passwords: Immediately update your passwords for all accounts that may have been affected. Make sure the new passwords are strong and unique, not previously used on any other platform.

  • Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

  • Enable Two-Factor Authentication (2FA): Activate 2FA on your accounts whenever possible. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.

  • Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity and report it immediately to the respective platform or service provider.

For more specific help and instructions related to MGM Resorts's data breach, please contact MGM Resorts's support directly.

Where can I go to learn more?

If you want to find more information on the MGM Resorts data breach, check out the following news articles:

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

MGM Resorts Data Breach: What & How It Happened?

Twingate Team

Jun 28, 2024

In September 2023, MGM Resorts International encountered a data breach involving unauthorized access to customer information. This incident affected multiple properties and led to operational disruptions. It followed a previous breach in July 2019, which also involved the compromise of guest information.

How many accounts were compromised?

The breach impacted data related to up to 200 million hotel guests.

What data was leaked?

The data exposed in the breach included names, contact information, gender, date of birth, driver's license numbers, Social Security numbers (for a limited number of customers), passport numbers (for a limited number of customers), and military identification numbers (for certain guests).

How was MGM Resorts hacked?

The hacking group Scattered Spider, a subgroup of the ALPHV ransomware gang, claimed responsibility for the breach. They used fraudulent phone calls (vishing) to employees and help desks to phish for login credentials, which were then used to access MGM Resorts' network and deploy their ransomware. The specific methods used to remove the malware and secure the systems remain unclear.

MGM Resorts's solution

In response to the hack, MGM Resorts took several measures to secure its platform and prevent future incidents. This included shutting down certain systems, implementing additional safeguards, and launching an investigation with the assistance of leading cybersecurity experts and law enforcement. MGM Resorts also notified affected customers by email and arranged to provide them with credit monitoring and identity protection services at no cost. The specific methods used to remove the malware and backdoors remain unclear.

How do I know if I was affected?

MGM Resorts notified customers believed to be affected by the breach. If you're an MGM Resorts customer and haven't received a notification, you may visit HaveIBeenPwned to check your credentials.

What should affected users do?

In general, affected users should:

  • Change Your Passwords: Immediately update your passwords for all accounts that may have been affected. Make sure the new passwords are strong and unique, not previously used on any other platform.

  • Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

  • Enable Two-Factor Authentication (2FA): Activate 2FA on your accounts whenever possible. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.

  • Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity and report it immediately to the respective platform or service provider.

For more specific help and instructions related to MGM Resorts's data breach, please contact MGM Resorts's support directly.

Where can I go to learn more?

If you want to find more information on the MGM Resorts data breach, check out the following news articles: