Caesars Entertainment (CZR) -) may have set a bad precedent in recent weeks, but at least it was able to avoid the fate rival casino MGM Resorts Internatioal (MGM) -) had to endure this week.
Caesars paid tens of millions of dollars in recent to hackers who threatened to release the company's data, Casino.org reported. It was a classic ransomware attack where hackers infiltrate a secure system and then demand payment for either the return of control of the system or for the return sensitive information.
Related: North Korea May Be Behind Ransomware Attack, Cybersecurity Experts Say
While the group in the Caesars attack was unidentified, a ransomware group ALPHV, also known as BlackCat, is reportedly behind the cyberattack that crippled MGM Grand casinos this week.
A report by malware archive vx-underground claims that the hack was facilitated through a 10-minute phone call.
All ALPHV ransomware group did to compromise MGM Resorts was hop on LinkedIn, find an employee, then call the Help Desk.
— vx-underground (@vxunderground) September 13, 2023
A company valued at $33,900,000,000 was defeated by a 10-minute conversation.
People who attempted to reserve hotel rooms at various MGM properties on Sept. 11 were not able to do so. Other computerized systems also appear to have been compromised, and MGM has taken some of its technology offline to limit the damage, the Las Vegas Review-Journal reported.
The casino operator sent the paper a statement confirming the attack. That statement was sent via a Gmail address because MGM had taken down its email system.
More Technology:
- The company behind ChatGPT is now facing a massive lawsuit
- Prominent EV company says latest deal will be the first of many
- Apple makes a big new move with Elon Musk's Twitter
The company's corporate email, restaurant reservation and hotel booking systems were still offline Wednesday, two days after the attack, and there were multiple reports of whole banks of slot machines malfunctioning due to the attack.
And even worse, credit ratings agency Moody's says the attack is "credit negative" for the company and highlights key risks to its business operations.
"Heavy reliance on technology and the operational disruption caused when systems need to go offline or are inoperable," are key risks, according to Moody's.
This isn't MGM's first major data breach.
Back in 2020, the casino said that the personal information of more than 10 million customers had been compromised in a hack. That data resurfaced on a hacking forum later that year.
Get investment guidance from trusted portfolio managers without the management fees. Sign up for Action Alerts PLUS now.
