On Wednesday, the casino juggernaut MGM Resorts announced that it is restoring all of its hotel and casino operations following the 10-day computer shutdown after a recent cyberattack. On September 10, a hacker group called Scattered Spider, which was later linked to another cyberattack group, ALPHV, managed to obtain important customer data from MGM’s servers.
Following the attack, MGM was forced to shut down its computers in an attempt to prevent further cyberattacks, which could have cost the casino giant sensitive information like hotel reservations or credit card processing details.
Using its official X account (formerly Twitter), the casino entity notified its followers that it had officially restored the operations of all its casinos and hotel facilities.
Please read our latest update below. Learn more: https://t.co/INKgreBSrt pic.twitter.com/N4zbQEFJFr
— MGM Resorts (@MGMResortsIntl) September 20, 2023
Last week, MGM Resorts reported that it had been attacked by hackers on September 7 but the company was able to detect the attack on September 10, prompting the casino giant to shut down its systems to avoid any further attacks.
Caesars Entertainment Becomes Target to Similar Cyberattacks, MGM Needs to Improve Cyber Security Practices
It turned out that rival casino brand Caesars Entertainment was also attacked by the same hacker network on September 7, with the company issuing an official statement in which it warned that the hacker group might have obtained customer information like Social Security Numbers and driver’s license numbers of loyalty rewards members.
While it had been widely reported that Caesars Entertainment might have paid a $15 million ransom to the cyberattack group Scattered Spider, details about the MGM attacks were not disclosed to the public. The casino juggernaut also refused to give estimates on the amount it lost as a result of having its computers shut down for 10 days.
According to Gregory Moody, cybersecurity professor and director at the University of Nevada, having the company’s computers shut down might have caused MGM Resorts $8 million per day, with the 10-day evaluation amounting to total losses of $80 million. Moody also noted that the brand’s annual revenue reports typically reveal earnings of more than $14 billion, with the average amount generated in a week estimated to be at least $270 million.
Moody defended the casino brands by saying that the hacking incidents of last week showed that it was not a matter of whether a company would be attacked but rather when it would fall victim to cyberattacks. He insisted that any defense system could be breached as there was no such thing as 100% failproof security.
MGM Resorts’ decision to shut down its computers for 10 days to prevent system intrusion was evaluated as a correct move by Lisa Plaggemier, executive director at National Cybersecurity Alliance. However, she also said that although this was considered a proper action, it also showed that the company lacked competent cybersecurity staff and needed to invest in the improvement of its cybersecurity systems.