MGM Resorts shuts down website, computer systems after 'cybersecurity incident'

MGM Resorts has unopen down immoderate of its IT systems pursuing a "cybersecurity incident" that nan casino-and-hotel elephantine says is presently nether investigation.

The edifice proprietor issued a connection Monday morning, saying it precocious identified thing untoward "affecting immoderate of nan company's systems."

While MGM didn't specify which parts of its IT situation had been deed — aliases supply immoderate circumstantial specifications astir nan snafu — nan MGM Resorts website was down arsenic of Monday afternoon, and a concierge astatine 1 of nan hotels told The Register that each integer operations are being performed manually because nan outage had taken down machine systems crossed nan leisure goliath's empire.

The corp's spokespeople were incapable to reply The Register's questions astir nan situation.

Guests astatine immoderate of nan properties, which see Aria, Bellagio, Luxor, MGM Grand, and Mandalay Bay successful Las Vegas, took to societal media to study a slew of disruptions affecting ATM and in installments paper machines, integer room keys, slot machines, and different electronics systems.

"Promptly aft detecting nan issue, we quickly began an investigation pinch assistance from starring outer cybersecurity experts," nan MGM statement continued. "We besides noticed rule enforcement and took punctual action to protect our systems and data, including shutting down definite systems. Our investigation is ongoing, and we are moving diligently to find nan quality and scope of nan matter."

• Millions of people's info stolen from MGM Resorts dumped connected Telegram for free
• We cognize what you did past summer: MGM's edifice spinoff mislaid 10.7m impermanent records and now they're connected hacker forums
• Huge DDoS onslaught against US financial institution thwarted
• Coffee Meets Bagel outage caused by cybercriminals deleting information and files

Remember we're talking astir MGM Resorts here: its customer info was antecedently stolen and sold via cybercrime forums and past dumped connected Telegram for free.

Those leaks stemmed from a 2019 information breach during which criminals swiped information belonging to millions of edifice and casino guests, including names, email addresses, telephone numbers, addresses, and dates of birth. This reportedly included specifications astir Twitter cofounder Jack Dorsey, popular mega-star Justin Bieber, and US Homeland Security and Transportation Security Administration staff.

While those pilfered records were packaged up and peddled connected a dark-web marketplace nan pursuing year, successful May 2022 personification dumped much than 142 cardinal MGM Resorts customers' information connected Telegram for anyone to download at nary cost.

MGM Resorts is being sued complete nan information information breach, which a people action suit [PDF] says affected arsenic galore arsenic 200 cardinal people. Travelers whose information was stolen person since faced each mode of personality theft, according to nan lawsuit. This, we're told, includes fraudulent in installments cards being opened successful their names, payments being made from their slope accounts, purchases utilizing their cards that had been connected record pinch MGM resorts, and moreover a ransomware attack. ®