MGM Resorts’ Virtual Vulnerability: The Cyberattack that Shattered Security

Chaos at the Casino

In a dramatic turn of events, MGM Resorts International, a titan in the casino and hospitality space, found itself under cyber siege. A message broadcast on X (formerly Twitter) indicates that the digital assault brought chaos to key operational areas, including the main website, online booking, and essential in-casino services like ATMs and card payment machines.

The company’s update states, “MGM Resorts recently identified a cybersecurity issue affecting some of the Company’s systems”. MGM Resorts swiftly identified the breach and put various safety measures into action, including shutting down specific operations temporarily. Meanwhile, as of September 14, 2023, the MGM Resorts website remains offline, replaced by a temporary page informing customer of free booking changes and cancellations.

Photo by Carl Raw

What we know so far

Initially detected on September 10, the cyberattack threw a wrench into MGM’s hotel and restaurant reservation systems, digital keys, and corporate applications. The company has enlisted leading cybersecurity experts and notified the FBI, securing its systems by shutting down some of them entirely.

The million-dollar question remains: has any data leaked? Usually, cyberattacks aim to harvest sensitive customer information, potentially leading to identity theft or other frauds. While MGM Resorts continues grappling with the crisis, it’s also probing into a possible data breach. Should leaked data be confirmed, MGM will issue data breach letters to the affected parties.

Public and Expert Reactions

In a revelation on X, ‘VX-Underground,’ a research and malware collection group, pointed fingers at the ransomware group ‘ALPHV’. ALPHV allegedly gained access by posing as an employee in a brief but decisive 10-minute phone call.

According to, the same group was behind a recent cyber attack against Caesars Entertainment.

The Nevada Gaming Control Board is closely monitoring the situation and staying in touch with MGM Resorts executives. ALPHV is no stranger to the cybersecurity industry, known for attacks against major players like Reddit and Western Digital. The FBI and CISA have also issued alerts about this ransomware group.

The incident sparked a flurry of online discussions. Concerns ranged from the possibility of MGM paying a ransom to the potential delay in employee salaries. VX-Underground, while uncertain about a ransom payment, did highlight ALPHV’s exceptional skills in social engineering.

Long-Term Repercussions

The ongoing issue could do lasting damage to MGM Resorts’ reputation. This isn’t their first run-in with cyber misfortune; they faced a significant data leak affecting more than 10 million customers in the summer of 2019. The data eventually appeared on a hacking forum.

As other establishments like Caesar’s Palace reportedly shell out massive sums to mitigate similar threats, MGM Resorts stands to lose not only money but also trust. With its reservation systems still in disarray, the company is bleeding financially every passing day.

As we wait for more details to emerge, one thing is certain: the ripple effects of this cyberattack on MGM Resorts could be long-lasting and far-reaching.

If you liked this article, we advise you to read our previous article about the massive cyberattack under popular dating App. Follow us on Twitter and LinkedIn for more content.

Stay up to date with exposed information online. Kaduu with its cyber threat intelligence service offers an affordable insight into the darknet, social media and deep web.