MGM Resorts Hit with $100M in Costs Following Ransomware Attack: Customer Data and Financial Impact

MGM Resorts International, one of the leading global hospitality and entertainment companies, recently disclosed the costly aftermath of a ransomware attack that occurred in September. The financial toll resulting from the attack has surpassed a staggering $100 million, with $10 million dedicated to one-time consulting clean-up fees. This incident has once again highlighted the pervasive threat of ransomware attacks and their potentially devastating consequences.

Swift response to the attack

MGM Resorts swiftly responded to the data extortion attack by taking their systems offline. This proactive measure was taken to contain the threat and prevent the threat actors from accessing sensitive customer information such as bank account numbers or payment card details. By acting promptly, the company successfully shielded its customers from potential financial loss and identity theft.

Ransom payments and unreliability

It is important to note that paying a ransom to cybercriminals does not guarantee the restoration of an organization’s systems and data. On the contrary, it often perpetuates the ransomware ecosystem by providing a financial motivation for criminals to continue their malicious activities. Therefore, organizations are encouraged to focus on improving their cybersecurity defenses and preventive measures, rather than relying on the uncertain outcome of ransom payments.

Financial Impact on MGM Resorts

The financial impact resulting from the ransomware attack is expected to primarily affect the third quarter of 2023, with minimal repercussions in the fourth quarter. Specifically, MGM Resorts’ Las Vegas operations are anticipated to bear the brunt of the consequences. This emphasizes the vast scale and potential disruptions that large organizations like MGM Resorts may face when targeted by cybercriminals.

Potential coverage by cybersecurity insurance

While the financial burden is significant, MGM Resorts may find some relief through their cybersecurity insurance. It is expected that a substantial portion of the costs will be covered, but the total scope of the financial impact is still undetermined. This incident serves as a reminder of the value of cybersecurity insurance and the importance of comprehensive coverage in the face of evolving cyber threats.

Targeting large organizations

This ransomware attack on MGM Resorts underscores the attraction that large organizations hold for organized cyber gangs (OCGs) with sophisticated cyber capabilities. Their extensive infrastructure, vast customer databases, and potentially valuable intellectual property make these organizations enticing targets. The ability to infiltrate and disrupt such high-profile entities provides a significant opportunity for financial gain for these criminal groups.

Personal information accessed

As a result of the ransomware attack, MGM Resorts has identified that specific customers who had transacted with the company before March 2019 had their personal information accessed by the threat actors. The compromised information includes names, contact details, gender, date of birth, and driver’s license numbers. This revelation raises concerns about potential identity theft and targeted phishing attempts against affected customers.

Limited access to sensitive information

While the breach allowed access to personal information, it is crucial to note that customer passwords, bank account numbers, and payment card information are believed to be safe from the attack. This implies that the financial security of MGM Resorts’ customers remains intact, alleviating some of the immediate concerns regarding financial fraud or unauthorized transactions.

Investments in cybersecurity measures

In response to this breach, MGM Resorts has committed to enhancing its cybersecurity measures further. The company is actively collaborating with industry-leading experts to minimize future risks and safeguard customer data. This proactive approach demonstrates MGM Resorts’ prioritization of cybersecurity and their dedication to maintaining a secure environment for their customers.

The ransomware attack on MGM Resorts International has come at a significant cost, exceeding $100 million in financial expenses. While the full extent of the impact is still uncertain, the company is working diligently to mitigate the aftermath and protect affected customers. This incident serves as a stark reminder of the persistent threat posed by ransomware attacks and the critical need for robust cybersecurity measures in today’s digitally connected world. By investing in preventive measures and collaborating with experts, MGM Resorts aims to enhance its cybersecurity defenses and ensure the safety of customer data moving forward.

Explore more

Digital Transformation Challenges – Review

Imagine a boardroom where executives, once brimming with optimism about technology-driven growth, now grapple with mounting doubts as digital initiatives falter under the weight of complexity. This scenario is not a distant fiction but a reality for 65% of business leaders who, according to recent research, are losing confidence in delivering value through digital transformation. As organizations across industries strive

Understanding Private APIs: Security and Efficiency Unveiled

In an era where data breaches and operational inefficiencies can cripple even the most robust organizations, the role of private APIs as silent guardians of internal systems has never been more critical, serving as secure conduits between applications and data. These specialized tools, designed exclusively for use within a company, ensure that sensitive information remains protected while workflows operate seamlessly.

How Does Storm-2603 Evade Endpoint Security with BYOVD?

In the ever-evolving landscape of cybersecurity, a new and formidable threat actor has emerged, sending ripples through the industry with its sophisticated methods of bypassing even the most robust defenses. Known as Storm-2603, this ransomware group has quickly gained notoriety for its innovative use of custom malware and advanced techniques that challenge traditional endpoint security measures. Discovered during a major

Samsung Rolls Out One UI 8 Beta to Galaxy S24 and Fold 6

Introduction Imagine being among the first to experience cutting-edge smartphone software, exploring features that redefine user interaction and security before they reach the masses. Samsung has sparked excitement among tech enthusiasts by initiating the rollout of the One UI 8 Beta, based on Android 16, to select devices like the Galaxy S24 series and Galaxy Z Fold 6. This beta

Broadcom Boosts VMware Cloud Security and Compliance

In today’s digital landscape, where cyber threats are intensifying at an alarming rate and regulatory demands are growing more intricate by the day, Broadcom has introduced groundbreaking enhancements to VMware Cloud Foundation (VCF) to address these pressing challenges. Organizations, especially those in regulated industries, face unprecedented risks as cyberattacks become more sophisticated, often involving data encryption and exfiltration. With 65%