Casino giant MGM expects $100 million hit from hack that led to data breach


FILE PHOTO: An exterior view of MGM Grand hotel and casino, after MGM Resorts shut down some computer systems due to a cyber attack in Las Vegas, Nevada, U.S., September 13, 2023. REUTERS/Bridget Bennett/File Photo

(Reuters) -MGM Resorts International said on Thursday a cyberattack last month that disrupted its operations would cause a $100 million hit to its third-quarter results, as it works to restore its systems.

One of the world's largest gambling firms, MGM shut down its systems after detecting the attack to contain damage, it said. It expects to also incur less than $10 million as a related one-time cost in the quarter ended on Sept. 30.

After the attack last month, customers posted social media images showing slot machines with error messages and queues at hotels in Las Vegas.

A hacking group named AlphV claimed it was involved in the breach. Sources earlier told Reuters AlphV worked with another outfit named Scattered Spider to break into MGM systems and steal data to hold for extortion.

MGM has declined to comment on whether it was asked for or paid any ransom.

The private data of customers who used MGM services before March 2019, including contact information, gender, date of birth and driver’s license numbers, was breached, the company said.

"We also believe a more limited number of Social Security numbers and passport numbers were obtained," it said.

"We have no evidence that the criminal actors have used this data to commit identity theft or account fraud."

Hackers often hold stolen data for ransom and may also leak it to public forums or sell it to other cybercriminals.

The MGM data breach, which the FBI is investigating, is a vivid example of how large organizations remain vulnerable to cybercrime. Analysts who have tracked Scattered Spider say more and more organizations have been falling for the group's skilled social engineering schemes.

MGM said the hackers did not obtain any customer bank account numbers or payment card information, and that no data from its luxury resort hotel The Cosmopolitan of Las Vegas was breached.

"The full scope of the costs and related impacts of this issue has not been determined," MGM said in a regulatory filing.

The company expects the breach will have a negative impact of about $100 million to its adjusted property core profit for its Las Vegas Strip division, and expects total occupancy of 93% this October versus 94% in the same month a year ago.

"Virtually all of the Company's guest-facing systems have been restored," it said, adding that it expects no impact on its full-year results from the breach.

MGM said it is "well-positioned" to have a strong fourth quarter with record results in November, driven mainly by a Formula One racing event slated to take place in Las Vegas.

(Reporting by Zeba Siddiqui in San Francisco and Shivansh Tiwary in Bengaluru; Editing by Shilpi Majumdar and Tom Hogue)

Follow us on our official WhatsApp channel for breaking news alerts and key updates!

   

Next In Tech News

Japan's antitrust watchdog to find Google violated law in search case, Nikkei reports
Is tech industry already on cusp of artificial intelligence slowdown?
What does watching all those videos do to kids' brains?
How the Swedish Dungeons & Dragons inspired 'Helldivers 2'
'The Mind Twisting Quadroids' review: Help needed conquering the galaxy
Albania bans TikTok for a year after killing of teenager
As TikTok runs out of options in the US, this billionaire has a plan to save it
Google offers to loosen search deals in US antitrust case remedy
Is Bluesky the new Twitter for teachers in the US?
'Metaphor: ReFantazio', 'Dragon Age', 'Astro Bot' and an indie wave lead the top video games of 2024

Others Also Read