MGM Resorts, a powerhouse in the hospitality and gaming sector with revenues surpassing $13 billion annually, is addressing a cybersecurity incident that has severely impacted its operations. The company has confirmed disruptions at key Las Vegas venues, including the iconic MGM Grand, due to this issue.
Reports emerged this week stating that numerous websites for MGM's premier resorts such as Aria, Bellagio, Luxor, and Mandalay Bay became inaccessible. Furthermore, guests noted that slot machines, while appearing functional, were unplayable due to system failures. "It's pretty widespread. We can't check in, pay with card, use comps, receive our gifts, get tickets out of machines...", a guest shared, highlighting the extent of the chaos.
In response to the situation, MGM Resorts assured the public that its gaming floors remained "operational" and that guests were being checked in "manually" as the company executed its contingency plans. However, various reports confirmed widespread trouble, including non-functional slot machines, collapsed booking systems, and guests unable to access their rooms because of malfunctioning keys.
“MGM Resorts recently identified a cybersecurity issue affecting some of the company’s systems,” stated the company through its social media channels. They continued, “Promptly after detecting the issue, we quickly began an investigation with assistance from leading external cybersecurity experts. We also notified law enforcement and took prompt action to protect our systems and data, including shutting down certain systems.” The announcement points to a drastic response aimed at protecting the company's systems and data during the ongoing crisis.
Ryan McConechy, CTO of Barrier Networks, weighed in on the incident, noting, "In response to this incident, it looks like MGM decided to take all their systems offline, which is a routine move when organisations run such large and complex networks. Until MGM provides more information on the breach, it’s not clear the exact reason why they decided to take this action, but it is a very costly move."
The financial implications are significant. With MGM reportedly generating around $15 million daily from its casinos, downtime translates into substantial losses. McConechy elaborated, “For every minute the gaming floor was down, MGM was losing money. Likewise, with reservations and their websites still being down, the company continues to suffer massive financial losses. Understandably, this may be to prevent active attackers pivoting or malware spreading.” He underscores that with effective network segmentation, such extensive downtime can often be mitigated.
The current situation also echoes a previous data breach that MGM faced in 2019, when sensitive guest information was compromised after a hacker accessed a cloud server. Additionally, past vulnerabilities were highlighted by a pair of young security researchers during a "Shodan safari". They discovered glaring security flaws in rewards kiosks across Las Vegas casinos, revealing that sensitive data was transmitted in plaintext and was vulnerable to external access.
The vulnerabilities in these kiosks included unencrypted connections, insecure APIs, and the exposure of users' personal data and casino WiFi passwords in a non-secure format. As a result, the vendor faced legal threats for the oversight. However, MGM’s security team at that time acted promptly to resolve the risks.
As MGM Resorts takes the necessary actions to combat its current cybersecurity challenges, the industry watches closely, analyzing the implications of such incidents on trust, operations, and guest experience in the gaming and hospitality landscape. The unfolding situation could redefine how the company and its competitors approach cybersecurity strategies moving forward.

