MGM Resorts International has provided an update on a recent cybersecurity incident that affected its operations. The breach, which occurred around September 11, 2023, involved unauthorized third-party access to some of the company’s systems. While the breach led to the exposure of certain customer information, including names, contact details, and more, MGM Resorts emphasized that sensitive data such as passwords and payment card information remained secure.
Unauthorized Access and Data Compromised:
MGM Resorts confirmed that unauthorized third-party access occurred in September 2023, leading to the compromise of certain customer information. The exposed data included names, contact details (phone numbers, email addresses, and postal addresses), gender, date of birth, and driver’s license numbers. For a smaller group of customers, social security numbers and passport numbers were also exposed.
What Was Not Compromised:
Crucially, MGM Resorts underscored that customer passwords, bank account numbers, and payment card information remained unaffected by the breach. This assurance offers some relief to affected customers.
Immediate Response:
In response to the breach, MGM Resorts took swift action to secure its systems and data. This involved temporarily shutting down specific systems to prevent further unauthorized access.
Collaborative Investigation:
The company launched a comprehensive investigation into the incident, collaborating closely with cybersecurity experts and law enforcement agencies. The objective is to identify the extent of the breach and the individuals responsible.
Assistance for Affected Customers:
MGM Resorts is actively assisting affected customers by offering credit monitoring and identity protection services at no cost. Customers who receive notifications regarding the breach are encouraged to follow the provided instructions to enroll in these services.
Industry-Wide Concerns:
The cybersecurity incident affecting MGM Resorts is not an isolated case within the gaming industry. Caesars Entertainment recently experienced a similar breach, reportedly paying a ransom to prevent operational disruptions. Earlier in the year, Gateway Casinos in Ontario also faced cybersecurity issues, leading to system outages and temporary closures.
CEO’s Message:
MGM Resorts CEO & President, Bill Hornbuckle, conveyed his appreciation to customers for their loyalty and patience during the incident. He assured customers that sensitive financial information, including bank account and payment card details, remained secure. The company believes the breach was contained and is taking all necessary steps to address the situation.
The cybersecurity incident at MGM Resorts serves as a reminder of the ongoing challenges faced by companies in safeguarding customer data. While this breach resulted in the exposure of certain personal information, the fact that critical financial data remained secure is a positive aspect of the incident. MGM Resorts’ swift response, collaboration with experts, and commitment to customer support demonstrate the company’s dedication to addressing the issue. In an industry where data security is paramount, incidents like these underscore the importance of robust cybersecurity measures.