MGM Resorts and Caesars Entertainment, two major casino and hotel companies, have faced significant cyberattacks and data breaches in the past week, causing disruptions to their operations. While MGM struggled with system outages and service disruptions following a cyberattack, Caesars Entertainment reported a data breach that exposed sensitive customer information, including Social Security and driver’s license numbers.
MGM Resorts experienced widespread issues at its properties in Las Vegas and beyond, with customers reporting problems like keycard malfunctions, non-functional slot machines, and out-of-service ATMs. The extent of the disruption prompted concerns among guests and raised questions about the company’s cybersecurity measures.
On the other hand, Caesars Entertainment disclosed in a regulatory filing that it suffered a recent data breach that resulted in the theft of personal data from its loyalty program members. The stolen data included Social Security numbers, driver’s license numbers, and other sensitive information.
Reports emerged that Caesars Entertainment paid approximately half of the $30 million ransom demanded by the attackers in exchange for a promise not to release the stolen customer data. This development highlighted the growing concern over ransomware attacks and their impact on organizations’ decision-making processes.
The group behind the MGM attack, attributed to an affiliate of the ransomware gang Alphv (also known as BlackCat), claimed responsibility. However, they denied involvement in the Caesars data breach. Casinos have historically been appealing targets for cyberattacks due to their financial assets and valuable customer data. MGM Resorts itself suffered a data breach in 2019, which exposed the personal information of more than 10.6 million hotel customers.