Cybersecurity breach hits two Las Vegas casinos

Robert Besser
19 Sep 2023, 22:04 GMT+10

A persistent error caused by a cybersecurity breach occurred in the casino rewards accounts of MGM Resorts International loyalty members on September 10
After the attacks, hackers could make unauthorized transactions on the saved cards of members
MGM Resorts, the largest casino operator in Las Vegas, said the incident began last weekend and affected reservations and casino floors in Las Vegas and other states

LAS VEGAS, NEVADA: A persistent error caused by a cybersecurity breach occurred in the casino rewards accounts of MGM Resorts International loyalty members on September 10.

After the attacks, hackers could make unauthorized transactions on the saved cards of members.

MGM Resorts, the largest casino operator in Las Vegas, said the incident began last weekend and affected reservations and casino floors in Las Vegas and other states.

They also caused video slot machines to shut down, and some customers said their hotel room cards were not working.

The situation entered its sixth day on September 15, with booking capacities still down and MGM Resorts offering penalty-free room cancelations through September 17.

MGM spokesperson Brian Ahern declined to comment when asked about the incident, including what information had been compromised in the breach.

The same week, the world's largest casino owner, Caesars Entertainment, also said it had been hit by a cybersecurity attack.

While its casino and hotel computer operations were not disrupted, it could not confirm that the attack compromised personal information about tens of millions of its customers, it added.

Yoohwan Kim, a computer science professor at the University of Nevada, Las Vegas, said, "When people think about security, they are thinking about the really big super-computers, firewalls, a lot of security systems."

"Casino giants like MGM Resorts and Caesars are protected by sophisticated and expensive security operations. But no system is perfect," he added.

The hacks may have been carried out as a "socially engineered attack," meaning the hackers used phone calls, text messages or phishing emails to breach the system, said Tony Anscombe, chief security official with the San Diego-based cybersecurity company ESET.

"Security is only as good as the weakest link, and unfortunately, as in many cyberattacks, human behavior is the method used by cybercriminals to gain access to a company's crown jewels," he stressed.

It has not been officially confirmed whether either of the affected companies paid a ransom to the hackers.

Watch latest videos

News RELEASES

Publish news of your business, community or sports group, personnel appointments, major event and more by submitting a news release to Northern Ireland News.

More Information

15 ℃

Fair in Belfast/City

United Kingdom

Section

UK approves $621 million to Tata Steel's Welsh site

LONDON, UK: In a deal aimed at securing the future of the British steel industry, the United Kingdom (UK) government ...

Ukraine War Pushes NATO to Bolster Drone-Tackling Expertise

Vredepeel, Netherlands - A small drone flits over opened earth, and an explosion appears on the video feed.The drone has ...

6 Young Portuguese Activists Head to Court in Climate Fight

COSTA DA CAPARICA, Portugal - Sofia Oliveira was 12 years old when catastrophic wildfires in central Portugal killed more than ...

Nijjar killing: US confirms intelligence sharing by Five Eyes made Canada allege India role

New York [US], September 24 (ANI): Wading into the ongoing diplomatic showdown between India and Canada, David Cohen, the US ...

Ukraine's Peace Plan, Grain Deal 'Not Realistic,' Lavrov Says

Russian Foreign Minister Sergey Lavrov castigated Ukraine's proposed 10-point peace plan and spurned a revival of the Black Sea Grain ...

ATP roundup: Alexander Zverev advances at Chengdu Open

(Photo credit: Danielle Parhizkaran-USA TODAY Sports) World No. 10 Alexander Zverev of Germany defeated unseeded Pavel Kotov of Russia 7-6 ...

International

Section