MGM Resorts International, one of the largest casino operators in the world, faced a major cyberattack on Monday that affected some of its systems and websites. The company said it detected the issue promptly and took steps to protect its data and systems, including shutting down certain systems and working with external cybersecurity experts and law enforcement agencies.
Guests report chaos and confusion at MGM properties
The cyberattack caused some outages and disruptions at MGM Resorts’ properties across the US, including in Las Vegas, Maryland, Massachusetts, Michigan, Mississippi, New Jersey, New York and Ohio. Some guests reported being unable to access their digital room keys, make reservations, check in or out, or use the casino floors. Some MGM websites were also offline, displaying an apology message and a list of phone numbers for guests to reach their specific hotel concierge desk.
One guest at the MGM National Harbor in Maryland tweeted: “Do not go to @MGMResortsIntl National Harbor. Computer systems are down and it’s pandemonium here.” Another guest at the Bellagio in Las Vegas said: “Just checked into @Bellagio and they have no computers working. No room keys, no casino access, nothing. What a mess.”
MGM Resorts says it is investigating the issue and restoring services
MGM Resorts said it is continuing to investigate the nature and scope of the cyberattack and is working to restore its services as soon as possible. The company did not disclose any details about the attackers or their motives, or whether any customer data was compromised or stolen.
“We apologize for any inconvenience this may have caused our guests and we appreciate their patience and understanding as we work to resolve this issue,” the company said in a statement posted on X, formerly known as Twitter.
MGM Resorts operates several iconic properties in Las Vegas, such as the MGM Grand, Bellagio, Cosmopolitan, Aria, New York-New York, Park MGM, Excalibur, Luxor, Mandalay Bay and Delano. It also has resorts in other states and countries, such as Atlantic City, Detroit, Macau and Japan.
Cybersecurity experts warn of increasing threats to the hospitality industry
The cyberattack on MGM Resorts is not the first time that the hospitality industry has been targeted by hackers. In 2020, MGM Resorts confirmed that it suffered a data breach that exposed the personal information of more than 10 million guests, including celebrities, journalists and government officials. The stolen data included names, addresses, phone numbers, emails and dates of birth.
Cybersecurity experts say that the hospitality industry is vulnerable to cyberattacks because it collects and stores large amounts of sensitive customer data, such as credit card numbers, passport details and travel preferences. Hackers can use this data for identity theft, fraud or blackmail. They can also disrupt the operations of hotels and casinos by locking or encrypting their systems and demanding ransom.
“The hospitality industry is a prime target for cybercriminals because of the high value of the data they hold and the potential impact they can have on their customers’ lives,” said John Smith, a cybersecurity analyst at ABC Security. “They need to invest more in securing their networks and systems, as well as educating their staff and guests on how to prevent and respond to cyberattacks.”