Ransomware Attack Paralyzes MGM Casino and Hotels, Raising Cybersecurity Concerns

Ransomware Attack Paralyzes MGM Casino and Hotels, Raising Cybersecurity Concerns


Las Vegas, the entertainment capital of the world, has been rocked by a significant cybersecurity incident as one of its prominent casino-hotel chains, MGM Resorts International, grapples with a ransomware attack. While MGM has officially referred to the situation as a "cybersecurity issue," the telltale signs strongly suggest ransomware as the culprit.

The attack, which commenced on Monday, has severely disrupted operations across MGM properties, affecting guests and staff alike. The impact has been most pronounced in Las Vegas, where MGM owns and operates approximately half of the major casino-hotels on the famous Strip. Properties under MGM's umbrella include Mandalay Bay, Luxor, Excalibur, NY NY, MGM Grand, Park MGM, and the Bellagio.

Visitors to MGM properties have reported a litany of issues caused by the cyber incident. Electronic door locks have malfunctioned, leading to difficulties in accessing rooms. Reservation and front desk check-in systems have been incapacitated, causing long delays for guests. Banks of slot machines and electronic games are rendered nonfunctional. Elevators are experiencing limited functionality, creating sporadic service. ATM services have been disrupted, impacting the ability of guests to access cash.

However, there is a silver lining for some visitors, as the malfunctioning electronic systems for collecting parking fees have essentially made parking free once again.

Beyond Las Vegas, MGM properties in other parts of the United States, such as Biloxi and Atlantic City, have also been hit by the same cybersecurity issue. The fallout has spread across the company's operations, affecting both the internal networks and public-facing systems, including websites for booking reservations and purchasing event tickets, such as those for the T-Mobile Arena.

MGM has yet to confirm the specifics of the attack, but the incident bears the classic hallmarks of a ransomware attack that has infiltrated internal networks. A hacking group known as ALPHV has claimed responsibility for the incident, asserting that it utilized social engineering tactics to target an MGM help desk employee, reportedly identified through LinkedIn. MGM has not independently verified the group's involvement, and the company has not disclosed further details regarding the situation.

Ransomware attacks have become a growing concern in recent years, with cybercriminals often demanding significant sums of money in exchange for unlocking encrypted systems. These attacks can lead to significant disruptions, financial losses, and security breaches. The MGM incident serves as a stark reminder of the importance of robust cybersecurity measures to protect critical infrastructure and the data of both companies and their customers.