Patrick Miller-Bartley
Tue, 09/26/2023
On September 10, 2023, MGM Resorts detected a breach of its network and data. In the ensuing 10 days, its operations were disrupted as a gang of hackers held its network for ransom. This led to disruption of the company’s ability to manage an array of resort and casino services, including managing booking for its hotel, dining, entertainment, pool, and spa services. The breach also interfered with its MGM Rewards Program and BetMGM Rewards Program, which provide customers with points for certain gambling and resort activities. MGM has not yet indicated whether the breach compromised any customer data.
These kinds of large-scale ransom attacks are on the rise—especially against casinos. Another gambling giant, Caesars Entertainment, disclosed to federal regulators that it suffered a cyberattack on September 7, 2023. It explained that it could not guarantee that the personal information of tens of millions of customers, including social security numbers (SSNs), drivers’ license numbers, and Caesars Rewards loyalty rewards program numbers, had not been compromised.
As companies collect more and more of data as a condition of doing business, they also create a risk that nefarious actors will steal that data. These companies have an obligation to safeguard against such events, but many fail to do so. For information on other recent data breaches, visit https://www.mselaborlaw.com/data-breach-notices. If you’ve received notice that your personal data has been compromised, don’t hesitate to contact us to discuss your options.