MGM Resorts computers back up after 10 days as analysts eye effects of casino cyberattacks AP News
pCopyright 2025 The Associated Press All Rights ReservedppMGM Resorts International says computers serving customers at its casino and hotel properties have been restored across the US Thats 10 days after a cyberattack led it to shut down digital systems Sept 20 AP video by Ty ONeilppCars pass the MGM Grand hotelcasino during a rain storm on Wednesday Sept 20 2023 in Las Vegas MGM Resorts International says computers serving customers at its casino and hotel properties have been restored across the US Thats 10 days after a cyberattack led it to shut down digital systems AP Photo Ty ONeilppCars pass the MGM Grand hotelcasino on Wednesday Sept 20 2023 in Las Vegas MGM Resorts International says computers serving customers at its casino and hotel properties have been restored across the US Thats 10 days after a cyberattack led it to shut down digital systems AP Photo Ty ONeilppThe exterior of the MGM Grand hotelcasino is pictured on Wednesday Sept 20 2023 in Las Vegas MGM Resorts International says computers serving customers at its casino and hotel properties have been restored across the US Thats 10 days after a cyberattack led it to shut down digital systems AP Photo Ty ONeilppMGM Resorts International says computers serving customers at its casino and hotel properties have been restored across the US Thats 10 days after a cyberattack led it to shut down digital systems Sept 20 AP video by Ty ONeilppCars pass the MGM Grand hotelcasino during a rain storm on Wednesday Sept 20 2023 in Las Vegas MGM Resorts International says computers serving customers at its casino and hotel properties have been restored across the US Thats 10 days after a cyberattack led it to shut down digital systems AP Photo Ty ONeilppCars pass the MGM Grand hotelcasino during a rain storm on Wednesday Sept 20 2023 in Las Vegas MGM Resorts International says computers serving customers at its casino and hotel properties have been restored across the US Thats 10 days after a cyberattack led it to shut down digital systems AP Photo Ty ONeilppCars pass the MGM Grand hotelcasino on Wednesday Sept 20 2023 in Las Vegas MGM Resorts International says computers serving customers at its casino and hotel properties have been restored across the US Thats 10 days after a cyberattack led it to shut down digital systems AP Photo Ty ONeilppCars pass the MGM Grand hotelcasino on Wednesday Sept 20 2023 in Las Vegas MGM Resorts International says computers serving customers at its casino and hotel properties have been restored across the US Thats 10 days after a cyberattack led it to shut down digital systems AP Photo Ty ONeilppThe exterior of the MGM Grand hotelcasino is pictured on Wednesday Sept 20 2023 in Las Vegas MGM Resorts International says computers serving customers at its casino and hotel properties have been restored across the US Thats 10 days after a cyberattack led it to shut down digital systems AP Photo Ty ONeilppThe exterior of the MGM Grand hotelcasino is pictured on Wednesday Sept 20 2023 in Las Vegas MGM Resorts International says computers serving customers at its casino and hotel properties have been restored across the US Thats 10 days after a cyberattack led it to shut down digital systems AP Photo Ty ONeilppLAS VEGAS AP MGM Resorts brought to an end a 10day computer shutdown prompted by efforts to shield from a cyberattack data including hotel reservations and credit card processing the casino giant said Wednesday as analysts and academics measured the effects of the eventppWe are pleased that all of our hotels and casinos are operating normally the Las Vegasbased company posted on X the platform formerly known as Twitter It reported last week that the attack was detected Sept 10ppRival casino owner Caesars Entertainment also disclosed last week to federal regulators that it was hit by a cyberattack Sept 7 It said that its casino and online operations were not disrupted but it could not guarantee that personal information about tens of millions of customers including drivers licenses and Social Security numbers of loyalty rewards members had not been compromised ppCaesars based in Reno is widely reported to have paid 15 million of a 30 million ransom sought by a group called Scattered Spider for a promise to secure the datappDetails about the extent of the MGM breach were not immediately disclosed including the kind of information that may have been compromised and how much it cost the company ppGregory Moody professor and director of the cybersecurity program at the University of Nevada Las Vegas pointed to quoted estimates that the computer shutdown cost the company up to 8 million per day which could put the cumulative effect at 80 million But Moody also noted that MGM Resorts reports annual revenues above 14 billion which would mean it averages at least 270 million in revenues per weekpp
ppThe company reported Wednesday that systems handling resort services dining entertainment pools and spas were operational and its website and app were taking dining and spa reservations while the company worked to restore hotel booking and loyalty reward functionsppMGM Resorts properties in Las Vegas and throughout the country are back to normal operations spokesman Brian Ahern told The Associated Press MGM also has properties in Maryland Massachusetts Michigan Mississippi New Jersey New York and Ohio ppFBI spokeswoman Sandra Breault in Las Vegas declined to comment and referred to a previous statement by the agency saying an investigation was ongoingppExperts said the attacks exposed critical cybersecurity weaknesses at MGM and Caesars and shattered an image of casino invulnerabilityppAt this point all casinos should be moving to the highest defensive posture possible and taking active measures to verify the integrity of their systems and environment and reviewing if not activating their incident response processes said Christopher Budd a director of threat research at cybersecurity firm Sophos XOps Theres been attacks against multiple casinos and its possible well see moreppCaesars Entertainment is the largest casino owner in the world with more than 65 million rewards members and properties in 18 states and Canada under the Caesars Harrahs Horseshoe and Eldorado brands It also has mobile and online operations and sports bettingppMGM Resorts is the largest private employer in Nevada operating tens of thousands of hotel rooms in Las Vegas at its flagship MGM Grand and properties including Bellagio Aria New YorkNew York and Mandalay Bay It also operates resorts in China and Macau It employees 75000 people in the US and abroadppCaesars stock traded Wednesday at 5017 per share up 36 cents for the day MGM shares were at 3877 down 43 cents Both companies are expected to disclose effects of the attacks in quarterly reports next month to the Securities and Exchange CommissionppThe attack on MGM also has been attributed to Scattered Spider a group of Englishspeakers also sometimes known as Øktapus operating under a Russiabased operation called ALPHV or BlackCatppBut there are a lot of conflicting reports said David Richardson an executive at cybersecurity firm Lookout You have Scattered Spider claiming that theyve done both in various forums and ALPHV saying that Scattered Spider wasnt involved with the other But theres a lot of technical evidence that shows that theres a relationship between the twoppLisa Plaggemier executive director at the nonprofit National Cybersecurity Alliance called MGMs decision to shut down vulnerable systems to prevent intrusion a positive step but said it highlighted significant security gaps and an urgent need for substantial investment in employee training and cybersecurity The risk she said is downtime and financial lossesppCaesars Entertainments decision to pay the ransom highlighted a lack of confidence and investment in their cyber defenses Plaggemier saidppMoody at UNLV said via email that the attacks showed that even for wellprepared or technically advanced companies it is not a matter of if you get attacked but when you get attackedppAny target can be breached as defense cannot win 100 of the time he said It is not that MGM did bad or was negligent If an advanced persistent threat defined by its heightened skills resources and time targets you they will find a way to access what they should notppAssociated Press writer Rio Yamat contributed to this reportpppp
ppCopyright 2025 The Associated Press All Rights Reservedp
ppThe company reported Wednesday that systems handling resort services dining entertainment pools and spas were operational and its website and app were taking dining and spa reservations while the company worked to restore hotel booking and loyalty reward functionsppMGM Resorts properties in Las Vegas and throughout the country are back to normal operations spokesman Brian Ahern told The Associated Press MGM also has properties in Maryland Massachusetts Michigan Mississippi New Jersey New York and Ohio ppFBI spokeswoman Sandra Breault in Las Vegas declined to comment and referred to a previous statement by the agency saying an investigation was ongoingppExperts said the attacks exposed critical cybersecurity weaknesses at MGM and Caesars and shattered an image of casino invulnerabilityppAt this point all casinos should be moving to the highest defensive posture possible and taking active measures to verify the integrity of their systems and environment and reviewing if not activating their incident response processes said Christopher Budd a director of threat research at cybersecurity firm Sophos XOps Theres been attacks against multiple casinos and its possible well see moreppCaesars Entertainment is the largest casino owner in the world with more than 65 million rewards members and properties in 18 states and Canada under the Caesars Harrahs Horseshoe and Eldorado brands It also has mobile and online operations and sports bettingppMGM Resorts is the largest private employer in Nevada operating tens of thousands of hotel rooms in Las Vegas at its flagship MGM Grand and properties including Bellagio Aria New YorkNew York and Mandalay Bay It also operates resorts in China and Macau It employees 75000 people in the US and abroadppCaesars stock traded Wednesday at 5017 per share up 36 cents for the day MGM shares were at 3877 down 43 cents Both companies are expected to disclose effects of the attacks in quarterly reports next month to the Securities and Exchange CommissionppThe attack on MGM also has been attributed to Scattered Spider a group of Englishspeakers also sometimes known as Øktapus operating under a Russiabased operation called ALPHV or BlackCatppBut there are a lot of conflicting reports said David Richardson an executive at cybersecurity firm Lookout You have Scattered Spider claiming that theyve done both in various forums and ALPHV saying that Scattered Spider wasnt involved with the other But theres a lot of technical evidence that shows that theres a relationship between the twoppLisa Plaggemier executive director at the nonprofit National Cybersecurity Alliance called MGMs decision to shut down vulnerable systems to prevent intrusion a positive step but said it highlighted significant security gaps and an urgent need for substantial investment in employee training and cybersecurity The risk she said is downtime and financial lossesppCaesars Entertainments decision to pay the ransom highlighted a lack of confidence and investment in their cyber defenses Plaggemier saidppMoody at UNLV said via email that the attacks showed that even for wellprepared or technically advanced companies it is not a matter of if you get attacked but when you get attackedppAny target can be breached as defense cannot win 100 of the time he said It is not that MGM did bad or was negligent If an advanced persistent threat defined by its heightened skills resources and time targets you they will find a way to access what they should notppAssociated Press writer Rio Yamat contributed to this reportpppp
ppCopyright 2025 The Associated Press All Rights Reservedp
