MGM Resorts says regulators probing September cyberattack

By Ananta Agarwal 

(Reuters) – MGM Resorts International disclosed that state and federal regulators were probing a cyberattack on its systems that took place in September and caused a $100 million hit to the company’s third-quarter results.

The casino operator intends to respond to the inquiries in due course, a regulatory filing by MGM showed on Friday.

The Federal Bureau of Investigation (FBI) said in September it was investigating the attack on MGM that had led MGM to shut down its systems after queues piled up at Las Vegas hotels and slot machines began showing error messages.

Hacking group AlphV has claimed involvement in the breach.

Sources told Reuters in September that AlphV worked with another outfit named Scattered Spider to break into MGM systems and steal data to hold for extortion.

Scattered Spider was also behind a cybersecurity incident at Caesars Entertainment where many of its loyalty program members’ data, including their driver’s license and social security number, was compromised, the company disclosed in September.

Caesars had also received inquiries from state regulators regarding the attack, it said in a quarterly regulatory filing in October.

MGM Resorts says regulators probing September cyberattack
An exterior view of MGM Grand hotel and casino, after MGM Resorts shut down some computer systems due to a cyber attack in Las Vegas, Nevada, U.S., September 13, 2023. REUTERS/Bridget Bennett/File Photo