MGM Cyber Attack
Thousands of hotel guests at MGM Resorts in Las Vegas have been locked out of their hotel rooms after the company was the target of a cyber-attack.
MGM really don’t seem to be learning from their mistakes and they are literally playing roulette with their customer’s data as this is the second time MGM have been hacked. MGM was previously hacked in 2019, with a reported 142 million guests affected. Customers names, addresses and passport numbers were taken. It is not yet known whether similar data has been stolen as a result of this latest cyber-attack.
MGM Resorts International has about 48,000 rooms in Las Vegas on The Strip. Their properties include the famous Bellagio, Luxor and Mandalay Bay. MGM sites in other locations have also been affected including Detroit and New York.
The outage, first detected on Sunday night, has affected all the companies’ internal and external systems including emails, reservations, room keys and casino slot machines.
A statement was issued by MGM’s executive director of communications Brian Ahern. According to reports Mr Ahern had to use a personal Gmail address instead of his work email to put the statement out:
"MGM Resorts recently identified a cybersecurity issue affecting some of the Company's systems.”
The company said its investigation was ongoing with the "nature and scope" of the cyber-attack still to be determined.
The FBI are investigating the incident and it is not yet clear who or what may have caused the problems or when systems will be fully functioning again.
MGM are already feeling the financial impact of this latest cyber incident as MGM shares closed down nearly 2.4% on Monday evening.
Romano Security Consulting would recommend that MGM implements an information security management system such as ISO 27001 to help them manage their cyber security and incident response arrangements and conduct regular penetration tests to ensure their networks are free from vulnerabilities.
For help in implementing an ISO 27001 ISMS or for help and advice on securing your organisation or managing a cyber security incident contact Romano Security Consulting today.