Russian cyber attack on Las Vegas casinos and hotels

The guest and employee data are among the impacted materials at MGM. The breach in security has also affected the experiences of guests at these resorts, who come from places far off to gamble.

MGM has under its belt some top-of-the-line hotels on the strip - Bellagio, Aria, Mandalay Bay, Cosmopolitan, Excalibur - preemptively shut down internal networks after discovering the breach on Sunday, reported Financial Times.

Who hacked and how?

The FBI said it was aware of the situation and is investigating. Russian ransomware group ALPHV, also called BlackCat, has claimed responsibility for the attack.

All it took was identifying on LinkedIn an employee who worked at MGM, posing as that team member, and calling the help desk to seek a password change. Within 10 minutes, the whole system was hacked, reported Forbes.

All ALPHV ransomware group did to compromise MGM Resorts was hop on LinkedIn, find an employee, then call the Help Desk.

A company valued at $33,900,000,000 was defeated by a 10-minute conversation.

— vx-underground (@vxunderground) September 13, 2023

MGM resorted to old methods - pen and paper - to check in their guests and paid out manually the earnings from machines and games that were still working.

BlackCat has previously claimed responsibility for attacks against organizations like Reddit and Western Digital. It is well-known amongst the ransomware and cyber security industry. The hacker company has hit at least 60 organizations with cyber attacks.

Las Vegas: MGM Resorts has been hit with a cyber security attack.

Everything from gaming machines to hotel communications have mostly been inoperable for four days now.

Before the ongoing MGM Cyber Attack, it's now being reported that Caesars Entertainment paid tens of… pic.twitter.com/KeAimX2QPp

— LWNC (@LwncNews) September 14, 2023

Malware archive vx-underground has suggested on X that MGM has not yet met the ransomware gang’s demands, writing: “In our opinion, MGM will not pay.”