MGM Resorts Hit with $100M in Costs Following Ransomware Attack: Customer Data and Financial Impact

MGM Resorts International, one of the leading global hospitality and entertainment companies, recently disclosed the costly aftermath of a ransomware attack that occurred in September. The financial toll resulting from the attack has surpassed a staggering $100 million, with $10 million dedicated to one-time consulting clean-up fees. This incident has once again highlighted the pervasive threat of ransomware attacks and their potentially devastating consequences.

Swift response to the attack

MGM Resorts swiftly responded to the data extortion attack by taking their systems offline. This proactive measure was taken to contain the threat and prevent the threat actors from accessing sensitive customer information such as bank account numbers or payment card details. By acting promptly, the company successfully shielded its customers from potential financial loss and identity theft.

Ransom payments and unreliability

It is important to note that paying a ransom to cybercriminals does not guarantee the restoration of an organization’s systems and data. On the contrary, it often perpetuates the ransomware ecosystem by providing a financial motivation for criminals to continue their malicious activities. Therefore, organizations are encouraged to focus on improving their cybersecurity defenses and preventive measures, rather than relying on the uncertain outcome of ransom payments.

Financial Impact on MGM Resorts

The financial impact resulting from the ransomware attack is expected to primarily affect the third quarter of 2023, with minimal repercussions in the fourth quarter. Specifically, MGM Resorts’ Las Vegas operations are anticipated to bear the brunt of the consequences. This emphasizes the vast scale and potential disruptions that large organizations like MGM Resorts may face when targeted by cybercriminals.

Potential coverage by cybersecurity insurance

While the financial burden is significant, MGM Resorts may find some relief through their cybersecurity insurance. It is expected that a substantial portion of the costs will be covered, but the total scope of the financial impact is still undetermined. This incident serves as a reminder of the value of cybersecurity insurance and the importance of comprehensive coverage in the face of evolving cyber threats.

Targeting large organizations

This ransomware attack on MGM Resorts underscores the attraction that large organizations hold for organized cyber gangs (OCGs) with sophisticated cyber capabilities. Their extensive infrastructure, vast customer databases, and potentially valuable intellectual property make these organizations enticing targets. The ability to infiltrate and disrupt such high-profile entities provides a significant opportunity for financial gain for these criminal groups.

Personal information accessed

As a result of the ransomware attack, MGM Resorts has identified that specific customers who had transacted with the company before March 2019 had their personal information accessed by the threat actors. The compromised information includes names, contact details, gender, date of birth, and driver’s license numbers. This revelation raises concerns about potential identity theft and targeted phishing attempts against affected customers.

Limited access to sensitive information

While the breach allowed access to personal information, it is crucial to note that customer passwords, bank account numbers, and payment card information are believed to be safe from the attack. This implies that the financial security of MGM Resorts’ customers remains intact, alleviating some of the immediate concerns regarding financial fraud or unauthorized transactions.

Investments in cybersecurity measures

In response to this breach, MGM Resorts has committed to enhancing its cybersecurity measures further. The company is actively collaborating with industry-leading experts to minimize future risks and safeguard customer data. This proactive approach demonstrates MGM Resorts’ prioritization of cybersecurity and their dedication to maintaining a secure environment for their customers.

The ransomware attack on MGM Resorts International has come at a significant cost, exceeding $100 million in financial expenses. While the full extent of the impact is still uncertain, the company is working diligently to mitigate the aftermath and protect affected customers. This incident serves as a stark reminder of the persistent threat posed by ransomware attacks and the critical need for robust cybersecurity measures in today’s digitally connected world. By investing in preventive measures and collaborating with experts, MGM Resorts aims to enhance its cybersecurity defenses and ensure the safety of customer data moving forward.

Explore more

Ethereum Uses AI Swarms to Proactively Patch Network Flaws

The architectural integrity of global decentralized networks has reached a pivotal juncture where the speed of malicious exploitation often outpaces the traditional cadence of human-led security audits. To address this widening gap, The Ethereum Foundation has fundamentally transitioned its security strategy from a reactive model to an automated, proactive defense paradigm that leverages the power of machine learning. This shift

How Is ERP Modernization Driving DLA to Audit Readiness?

The Defense Logistics Agency currently manages an intricate global supply chain that serves as the backbone for the United States military, requiring an unprecedented level of financial precision and operational transparency to meet modern oversight requirements. This massive undertaking involves a transition from aging, siloed legacy systems to a unified Enterprise Resource Planning environment designed to provide real-time visibility into

What Makes Odyssey Infostealer a Global Threat to macOS?

The long-standing myth that macOS remains immune to sophisticated cyberattacks has been decisively shattered by the emergence of the Odyssey infostealer, a highly specialized malware variant engineered to bypass modern system integrity protections. This transition represents a fundamental shift in the threat landscape, where the historical security-by-obscurity advantage once enjoyed by Apple users has entirely vanished. As the adoption of

Can AI Secure Windows Without Compromising Stability?

The sheer scale of modern software development has reached a point where manual code review is no longer sufficient to protect the billions of devices running Windows across the globe. As lines of code multiply and interdependencies become more complex, traditional security measures are struggling to keep pace with the rapid evolution of sophisticated digital threats. In response to this

Xero Launches JAX to Redefine Accounting with Agentic AI

Small business owners have historically spent an exhausting amount of time tethered to spreadsheets and receipts, but the emergence of agentic AI is finally turning those static records into a living, breathing financial command center that operates with minimal human oversight. With more than five million global subscribers now integrated into its ecosystem, Xero is spearheading a movement toward Accountable