During his keynote speech at G2E Las Vegas, MGM Resorts International CEO Bill Hornbuckle shared insights into the recent cyber attack that cost the company approximately $100 million. He provided details about the attack, the response, and how MGM managed to recover without paying a ransom.
The Cyber Attack:
On September 10, MGM Resorts International fell victim to a cyber attack that affected several of the company’s computer systems in the United States. Hornbuckle characterized the attack, noting that it was partially socially engineered, which means it involved manipulating individuals to exploit vulnerabilities.
The Financial Impact:
Hornbuckle disclosed that the cyber attack was projected to cost the company approximately $100 million. While the scale of the attack was significant, MGM Resorts had the foresight to secure cyber insurance to cover such contingencies. The financial repercussions of the attack were substantial, but the insurance provided a safety net.
The Extent of the Outage:
The CEO revealed the profound impact the attack had on MGM’s operations. For several days, crucial systems were rendered inoperable, affecting 36,000 hotel rooms, as well as regional properties. This extensive outage left MGM Resorts in the dark, with key systems like telephones, casino operations, hotel management, and more non-functional.
The Response:
Hornbuckle emphasized the swiftness of their response to the cyber attack. Given the rapidity and intensity with which the attack occurred, MGM Resorts reacted promptly to protect sensitive data. The company refused to pay a ransom to the hackers, highlighting that their decision was not based solely on financial considerations.
Recovery and Functionality:
Despite the severity of the attack and the initial disruption, Hornbuckle shared the positive news that, a couple of weeks into the ordeal, MGM Resorts had restored full functionality. Commercial systems were back up and running, signifying that the company had successfully weathered the storm.
Hacker Group Involvement:
Reports suggested that a hacker group known as Scattered Spider or UNC3944 could have been responsible for the cyber attack. The FBI initiated an investigation into the incident, aiming to identify the perpetrators and bring them to justice.
The cyber attack on MGM Resorts International marked a significant challenge for the company, with financial repercussions in the range of $100 million. Bill Hornbuckle’s presentation at G2E Las Vegas shed light on the attack’s impact and the company’s response. Notably, MGM Resorts demonstrated resilience by refusing to pay a ransom and swiftly recovering its systems. The incident serves as a reminder of the evolving cybersecurity landscape and the need for proactive measures to safeguard critical infrastructure and data in the digital age.