MGM Resorts Suffers Cybersecurity Attack, System Outage Reported

Posted on: September 11, 2023, 07:08h. 

Last updated on: September 14, 2023, 07:31h.

MGM Resorts International has been targeted by a cybersecurity attack, an official with the Las Vegas-based casino giant tells Casino.org.

MGM Resorts cybersecurity ransomware
MGM Resorts has suffered a cybersecurity incident that has taken much of the casino company’s IT systems offline. Many details remain clear at this early juncture of the investigation. (Image: Casino.org)

Brian Ahern, MGM’s executive director of communications, issued a statement Monday morning relaying that the casino company has been hit with an unknown attack. Ahern issued the company statement through a Gmail address, as employees do not currently have access to their company email because of the cyber incident.

MGM Resorts recently identified a cybersecurity issue affecting some of the Company’s systems. Promptly after detecting the issue, we quickly began an investigation with assistance from leading external cybersecurity experts,” the company statement read.

“We also notified law enforcement and took prompt action to protect our systems and data, including shutting down certain systems. Our investigation is ongoing, and we are working diligently to determine the nature and scope of the matter,” the release added.

At this point, it’s unclear if the cybersecurity incident involves a ransom demand or even if the attackers are in communication with MGM officials.

MGM is Nevada’s largest employer and operates the most casinos on the Las Vegas Strip.

Vital Vegas was the first to share the developing issues at MGM Resorts on Sunday, Sep. 10, 2023, at 7:51 p.m.

What We Know

As the cybersecurity issue was only recently detected, specifics of the attack at this juncture remain unknown. But early this morning, social media users began posting information relaying technical glitches within the company’s operations.

Several MGM Rewards customers shared screenshots of notices showing that their mobile apps have gone offline. “MGM Rewards is undergoing maintenance, and digital keys are currently unavailable. Please see the Front Desk for assistance,” read one such notice.

Social media users say there are problems throughout MGM’s Las Vegas casinos. The cyber event reportedly took credit card machines, ATMs, and ticket-in ticket-out machines offline.

The cybersecurity event is impacting at least all of MGM’s Las Vegas operations. The company’s website’s landing page informs customers that its online reservation systems are currently unavailable.

The outage, however, is apparently affecting MGM’s regional casinos, too. MGM National Harbor’s website is offline, as are the websites for Borgata in Atlantic City, MGM Grand Detroit, MGM Springfield in Massachusetts, Beau Rivage in Mississippi, Empire City Casino in NYC, and MGM Northfield Park in Ohio.

China Operations?

MGM is one of the six commercial casino operators in Macau, the only place under China’s control where casinos are allowed. As of early afternoon on Monday, it appears the cybersecurity event in the US hasn’t impacted MGM’s Macau casinos.

MGM — through its subsidiary, MGM China Holdings — owns and operates MGM Macau and MGM Cotai.

MGM Resorts’ last major cybersecurity event came in 2019 when personal information on 30 million guests was shared publicly on an online instant messaging platform called Telegram. MGM confirmed in early 2020 that it was the victim of a data attack from a Russia-based hacking group.

While names, telephone numbers, and birthdates were stolen, the attack did not include seizing sensitive financial, credit and debit card, or password information.