MGM Resorts Hit with $100M in Costs Following Ransomware Attack: Customer Data and Financial Impact

MGM Resorts International, one of the leading global hospitality and entertainment companies, recently disclosed the costly aftermath of a ransomware attack that occurred in September. The financial toll resulting from the attack has surpassed a staggering $100 million, with $10 million dedicated to one-time consulting clean-up fees. This incident has once again highlighted the pervasive threat of ransomware attacks and their potentially devastating consequences.

Swift response to the attack

MGM Resorts swiftly responded to the data extortion attack by taking their systems offline. This proactive measure was taken to contain the threat and prevent the threat actors from accessing sensitive customer information such as bank account numbers or payment card details. By acting promptly, the company successfully shielded its customers from potential financial loss and identity theft.

Ransom payments and unreliability

It is important to note that paying a ransom to cybercriminals does not guarantee the restoration of an organization’s systems and data. On the contrary, it often perpetuates the ransomware ecosystem by providing a financial motivation for criminals to continue their malicious activities. Therefore, organizations are encouraged to focus on improving their cybersecurity defenses and preventive measures, rather than relying on the uncertain outcome of ransom payments.

Financial Impact on MGM Resorts

The financial impact resulting from the ransomware attack is expected to primarily affect the third quarter of 2023, with minimal repercussions in the fourth quarter. Specifically, MGM Resorts’ Las Vegas operations are anticipated to bear the brunt of the consequences. This emphasizes the vast scale and potential disruptions that large organizations like MGM Resorts may face when targeted by cybercriminals.

Potential coverage by cybersecurity insurance

While the financial burden is significant, MGM Resorts may find some relief through their cybersecurity insurance. It is expected that a substantial portion of the costs will be covered, but the total scope of the financial impact is still undetermined. This incident serves as a reminder of the value of cybersecurity insurance and the importance of comprehensive coverage in the face of evolving cyber threats.

Targeting large organizations

This ransomware attack on MGM Resorts underscores the attraction that large organizations hold for organized cyber gangs (OCGs) with sophisticated cyber capabilities. Their extensive infrastructure, vast customer databases, and potentially valuable intellectual property make these organizations enticing targets. The ability to infiltrate and disrupt such high-profile entities provides a significant opportunity for financial gain for these criminal groups.

Personal information accessed

As a result of the ransomware attack, MGM Resorts has identified that specific customers who had transacted with the company before March 2019 had their personal information accessed by the threat actors. The compromised information includes names, contact details, gender, date of birth, and driver’s license numbers. This revelation raises concerns about potential identity theft and targeted phishing attempts against affected customers.

Limited access to sensitive information

While the breach allowed access to personal information, it is crucial to note that customer passwords, bank account numbers, and payment card information are believed to be safe from the attack. This implies that the financial security of MGM Resorts’ customers remains intact, alleviating some of the immediate concerns regarding financial fraud or unauthorized transactions.

Investments in cybersecurity measures

In response to this breach, MGM Resorts has committed to enhancing its cybersecurity measures further. The company is actively collaborating with industry-leading experts to minimize future risks and safeguard customer data. This proactive approach demonstrates MGM Resorts’ prioritization of cybersecurity and their dedication to maintaining a secure environment for their customers.

The ransomware attack on MGM Resorts International has come at a significant cost, exceeding $100 million in financial expenses. While the full extent of the impact is still uncertain, the company is working diligently to mitigate the aftermath and protect affected customers. This incident serves as a stark reminder of the persistent threat posed by ransomware attacks and the critical need for robust cybersecurity measures in today’s digitally connected world. By investing in preventive measures and collaborating with experts, MGM Resorts aims to enhance its cybersecurity defenses and ensure the safety of customer data moving forward.

Explore more

Ethereum’s Fragile Recovery Faces Resistance and Low Demand

The Ethereum ecosystem is currently navigating a treacherous landscape where price action struggles to align with the technical milestones achieved during the most recent network upgrades. While the shift to a more scalable architecture was intended to invite a surge of institutional and retail capital, the reality in 2026 shows a market plagued by indecision and a noticeable lack of

macOS 28 Drops Support for Encrypted Mac OS Extended Volumes

The landscape of digital storage has shifted dramatically over the past decade, leaving legacy file systems struggling to keep pace with the rigorous security demands of modern computing environments. With the release of macOS 28, the long-standing compatibility for encrypted Mac OS Extended (HFS+) volumes has officially reached its end of life, signaling a definitive transition toward the more robust

CapCut Named 2026 Leader in AI Social Media Content Creation

The rapid evolution of generative artificial intelligence has fundamentally altered the digital landscape, shifting the burden of high-quality video production from specialized studios to the palm of every creator’s hand across the globe. By mid-2026, the demand for short-form content reached an all-time high, necessitating tools that could keep pace with the volatile trends of social media algorithms. CapCut emerged

How Will AI and RPA Shape Desktop Automation in 2026?

The integration of cognitive computing with traditional robotic process automation has fundamentally altered the way desktop environments operate across global industries today. No longer confined to the rigid, rule-based scripts of previous cycles, modern automation tools now serve as dynamic, goal-oriented assistants capable of navigating the intricacies of fragmented software landscapes. This shift has allowed organizations to bridge the significant

UiPath Navigates AI Pivot Amid Market Skepticism

The transition from legacy robotic process automation to a sophisticated, agent-centric architecture has forced enterprise software giants to fundamentally rethink their value propositions in an era defined by autonomous reasoning. This paradigm shift represents more than a mere software update; it is a complete structural overhaul that seeks to bridge the gap between simple task execution and complex cognitive decision-making.