Cybersecurity breach hits two Las Vegas casinos

Robert Besser
19 Sep 2023, 22:04 GMT+10

A persistent error caused by a cybersecurity breach occurred in the casino rewards accounts of MGM Resorts International loyalty members on September 10
After the attacks, hackers could make unauthorized transactions on the saved cards of members
MGM Resorts, the largest casino operator in Las Vegas, said the incident began last weekend and affected reservations and casino floors in Las Vegas and other states

LAS VEGAS, NEVADA: A persistent error caused by a cybersecurity breach occurred in the casino rewards accounts of MGM Resorts International loyalty members on September 10.

After the attacks, hackers could make unauthorized transactions on the saved cards of members.

MGM Resorts, the largest casino operator in Las Vegas, said the incident began last weekend and affected reservations and casino floors in Las Vegas and other states.

They also caused video slot machines to shut down, and some customers said their hotel room cards were not working.

The situation entered its sixth day on September 15, with booking capacities still down and MGM Resorts offering penalty-free room cancelations through September 17.

MGM spokesperson Brian Ahern declined to comment when asked about the incident, including what information had been compromised in the breach.

The same week, the world's largest casino owner, Caesars Entertainment, also said it had been hit by a cybersecurity attack.

While its casino and hotel computer operations were not disrupted, it could not confirm that the attack compromised personal information about tens of millions of its customers, it added.

Yoohwan Kim, a computer science professor at the University of Nevada, Las Vegas, said, "When people think about security, they are thinking about the really big super-computers, firewalls, a lot of security systems."

"Casino giants like MGM Resorts and Caesars are protected by sophisticated and expensive security operations. But no system is perfect," he added.

The hacks may have been carried out as a "socially engineered attack," meaning the hackers used phone calls, text messages or phishing emails to breach the system, said Tony Anscombe, chief security official with the San Diego-based cybersecurity company ESET.

"Security is only as good as the weakest link, and unfortunately, as in many cyberattacks, human behavior is the method used by cybercriminals to gain access to a company's crown jewels," he stressed.

It has not been officially confirmed whether either of the affected companies paid a ransom to the hackers.

Watch latest videos

News RELEASES

Publish news of your business, community or sports group, personnel appointments, major event and more by submitting a news release to Oklahoma City Sun.

More Information

87 ℉

Fair in Oklahoma City

Business

Section

U.S. stocks make minor gains, Nasdaq Composite climbs 60 points

NEW YORK, New York - With no major news Monday, and nothing on the horizon, U.S. stocks remained little moved, ...

US Federal Reserve cutting 300 people from payroll

WASHINGTON D.C.: In a small but rare reduction to its headcount, which has grown steadily since 2010, the US Federal ...

Rite Aid may close over 400 stores, allow creditors to run operations

CAMP HILL, Pennsylvania: This week, the Wall Street Journal (WSJ) reported that Rite Aid could shut down some 400 to ...

US Transportation Secretary says New York's ATC needs more staff

WASHINGTON D.C.: U.S. Transportation Secretary Pete Buttigieg has criticized the air traffic control staffing shortages in New York as "unacceptable" ...

Will 'quiet the noise' in culture wars, Disney CEO tells investors

BURBANK, California: A note by Needham media analyst Laura Martin released this week revealed that CEO Bob Iger told investors ...

$14 billion takeover bid by JIP a success: Toshiba

TOKYO, Japan: This week, Toshiba revealed that a tender offer worth US$14 billion from Japan Industrial Partners (JIP) was a ...

International

Section