Hackers Compromised Customer Information During MGM Resorts Cybersecurity Breach



  • Several weeks after the cyberattack, MGM Resorts has now revealed that hackers compromised customer personal details during the breach.
  • The casino management revealed driver's license numbers, social security numbers and passport numbers were affected.
  • Michigan customers impacted by the data breach will be contacted by MGM Grand Detroit via email on next steps.

Back in September, MGM Resorts and Caesars International reported concurrent cyberattacks that grounded their computer systems and limited casino operations at their retail outlets throughout the country. Scattered Spider, a hacker group, has since taken credit for the breach.

However, MGM Resorts only recently provided details about the extent of customer information it lost to the hackers.

Although Caesars did not make any similar revelations, the operation revealed that it paid the hackers in hopes of securing the privacy of its users. Experts now believe security threats of this nature are going to continue at casinos if no measures are taken to prevent them soon.

How Much Data Was Lost or Compromised by MGM Resorts Cyberattack?

In a recent news release, MGM Resorts International responded to a barrage of customer requests about the impact of the cybersecurity attack that took place on September 11, 2023. The statement was signed by Brian Ahern, the Executive Director of Communications for MGM Resorts International. According to the release, the type of information affected varied across individual customers.

However, the Director noted that the company does not think bank account numbers, customer passwords and debit or credit card information were compromised. The security breach affected basic personal information of MGM customers, including name, gender, date of birth and driver’s license number. Contact information ranging from phone numbers to email and postal addresses was also compromised. For a few customers, their Social Security number and passport numbers were said to be affected.

“Promptly after learning of this issue, MGM Resorts took steps to protect its systems and data, including shutting down certain systems. The Company also quickly launched an investigation with the assistance of leading cybersecurity experts and is coordinating with law enforcement. MGM Resorts takes the security of its systems and data very seriously and has put in place additional safeguards to further protect its systems,” the release reads.

Considering the massive number of customers at MGM Resorts across the country, there is no telling how many of these individuals lost important details to the breach. MGM Resorts also suggests that additional information about the cyberattack may arise in the future. It listed these contingencies as forward-looking statements in its news release.

MGM Resorts Communicates Next Steps to Affected Customers by Email

In the same press release, MGM Resorts stated that it will reach out by email to the customers whose information was affected during the breach. This process is required by US law, and the company has expressed its willingness to provide its affected customers with free identity protection and credit monitoring services.

If you receive an email from MGM Resorts in the near future or have received one already, you’ll find additional information on how to enroll in these recommended services at no cost. Customers are also advised to take significant action to protect their data.

The company has set up a dedicated call center number available toll-free from 8 am – 10 pm on weekdays (excluding major US holidays) and 10 am – 7 pm on weekends. The number to call is 800-621-9437 and callers are advised to use the engagement number B105892 when dialing in. Otherwise, you can visit the company's new webpage for additional information.

Unlike Caesars, MGM Did Not Pay Hackers and Maintains BetMGM Was Not Affected

Caesars International experienced a similar cyberattack for which Scattered Spider also claimed responsibility. However, the company was quick to pay a ransom reported to be around $15 million to release information. Many security experts are unhappy with the move, criticizing it as perpetuating cybercrime.

According to experts, ransomware operators rarely delete stolen data even after the ransom is paid. The information is later sold on the dark web for more money than was obtained from the ransom.

In its press release, Caesars subtly notified the public of its ransom payment. The company said that it had “taken steps to ensure that the stolen data is deleted by the unauthorized actor, although we cannot guarantee this result.”

After Caesars’ release, Allan Liska, a cybersecurity expert at Recorded Future, tweeted the following:

“That is an EXTREMELY artful way of saying, oh yea we paid even though we know ransomware groups are lying bastards who won’t actually delete the data.”

The best thing to do is wait for government agencies and security apparatuses to tackle criminal hackers, experts suggest. Meanwhile, MGM has maintained that BetMGM Online Casino MI and its other mobile gambling options across the US were not affected. However, it’s uncertain if customers will remain calm in light of recent events.

Jessica is a news contributor to Gamble Online Michigan. She holds a Bachelor's degree in Economics but has over three years of experience working in the hospitality and gambling industry. Despite her core finance and investment banking background, she has been a casino feature writer for N1 Interactive Limited and multiple gambling affiliate sites. Her work has been featured on the bet365 blog, casino.zone and Max Force Racing. She spends her time between Michigan and California, staying up-to-date on the latest industry developments.