{"id":290320,"date":"2023-09-19T11:32:02","date_gmt":"2023-09-19T16:32:02","guid":{"rendered":"https:\/\/www.casino.org\/news\/?p=290320"},"modified":"2023-09-19T19:03:38","modified_gmt":"2023-09-20T00:03:38","slug":"mgm-had-f-cybersecurity-grade-prior-to-ransomware-attack","status":"publish","type":"post","link":"https:\/\/www.casino.org\/news\/mgm-had-f-cybersecurity-grade-prior-to-ransomware-attack\/","title":{"rendered":"MGM Had \u2018F\u2019 Grade for Cyber Vulnerability Prior to Hack"},"content":{"rendered":"

Prior to the recent ransomware attack that continues disrupting MGM Resorts International\u2019s domestic gaming operations, the casino giant received an \u201cF\u201d grade from a cybersecurity analytics company regarding its speed in addressing cyber vulnerabilities.<\/p>\n

\"MGM
MGM’s Aria on the Las Vegas Strip. The operator had an “F” grade for cybersecurity patching cadence before a recent ransomware attack. (Image: YouTube)<\/figcaption><\/figure>\n

In its most recent batch of cybersecurity ratings, Boston-based BitSight, a cybersecurity ratings and analytics company, graded MGM\u2019s patching cadence with an \u201cF.\u201d Patching cadence is the speed at which an organization addresses known cyber issues and vulnerabilities.<\/p>\n

\n

While it\u2019s not clear whether or not the hackers who hit MGM on September 10 are avid followers of BitSight ratings, it is clear that corporations that receive an \u201cF\u201d patching cadence grade from the research firm are 3.2x more likely to be victimized by an adverse cyber event<\/a> than those with an \u201cA\u201d grade, and 50% more likely to endure such a scenario than those scoring a \u201cB.\u201d<\/p>\n<\/div>\n

Cyber incidents are defined as ransomware attacks, data breaches, and business interruptions that compel the affected party to make cyber insurance claims or notifications.<\/p>\n

Maybe Something to MGM \u201cF\u201d Grade<\/h2>\n

To be clear, BitSight didn\u2019t single out MGM — other companies can and do receive the dubious \u201cF\u201d grade for patching cadence. However, the operator has an inauspicious cybersecurity history.<\/p>\n

In February 2020, it was revealed that in 2019, hackers stole sensitive data<\/a> of 10.6 million MGM customers, including some celebrities, from the company\u2019s database and later marketed that data for profit on the dark web.<\/p>\n

\n

Last December, BetMGM, which is 50% controlled by MGM, confirmed a data breach that was believed to have occurred in May 2022. The Bellagio operator isn\u2019t alone. Rival Caesars Entertainment<\/a> was also recently the victim of a ransomware attack, and the travel and leisure industry, including casino operators, has a history of being a favored target of cyber criminals.<\/p>\n<\/div>\n

\u201cIn terms of improving security, casinos, like many other industries, need to increase awareness of their vulnerabilities, strengthen network segmentation, limit access control, and strengthen practices around patching and updates, and especially remote access,\u201d said Waterfall Security Solutions CEO Lior Frenkel in comments made to Casino.org<\/em>.<\/p>\n

MGM Paying Price \u2026 Literally<\/h2>\n

While rival Caesars revealed in a recent regulatory document that one of its insurance carriers picked up the tab for an unspecified payment to hackers to end a ransomware attack, MGM has yet to follow suit. The cyber attack on MGM is on its 10th day and is costing the operator as much as $8.4 million<\/a> per day in lost revenue.<\/p>\n

That works out to $84 million — a fraction of the $14.8 billion in consolidated revenue the Cosmopolitan operator generated for the 12 months ending June 30.<\/strong><\/p>\n

While $84 million isn\u2019t a massive number in corporate terms, it\u2019s likely more than what the hackers are demanding and potentially more than MGM needed to allocate to address its cybersecurity needs.<\/p>\n","protected":false},"excerpt":{"rendered":"

Prior to the recent ransomware attack that continues disrupting MGM Resorts International\u2019s domestic gaming operations, the casino giant received an \u201cF\u201d grade from a cybersecurity analytics company regarding its speed in addressing cyber vulnerabilities. In its most recent batch of cybersecurity ratings, Boston-based BitSight, a cybersecurity ratings and analytics company, graded MGM\u2019s patching cadence with […]<\/p>\n","protected":false},"author":46,"featured_media":261405,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[62,21,81886,16693],"tags":[81897,86118,23,82041],"acf":[],"yoast_head":"\nMGM Had 'F' Cybersecurity Grade Prior To Ransomware Attack<\/title>\n<meta name=\"description\" content=\"MGM had 'F' patching cadence grade before recent cybersecurity incident.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.casino.org\/news\/mgm-had-f-cybersecurity-grade-prior-to-ransomware-attack\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"MGM Had 'F' Cybersecurity Grade Prior To Ransomware Attack\" \/>\n<meta property=\"og:description\" content=\"MGM had 'F' patching cadence grade before recent cybersecurity incident.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.casino.org\/news\/mgm-had-f-cybersecurity-grade-prior-to-ransomware-attack\/\" \/>\n<meta property=\"og:site_name\" content=\"Casino.org\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/Casino.OrgNews\" \/>\n<meta property=\"article:published_time\" content=\"2023-09-19T16:32:02+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-09-20T00:03:38+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.casino.org\/news\/wp-content\/uploads\/2023\/02\/aria.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1280\" \/>\n\t<meta property=\"og:image:height\" content=\"720\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Todd Shriber\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@etfgodfather\" \/>\n<meta name=\"twitter:site\" content=\"@Casino_Org\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Todd Shriber\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.casino.org\/news\/mgm-had-f-cybersecurity-grade-prior-to-ransomware-attack\/\",\"url\":\"https:\/\/www.casino.org\/news\/mgm-had-f-cybersecurity-grade-prior-to-ransomware-attack\/\",\"name\":\"MGM Had 'F' Cybersecurity Grade Prior To Ransomware Attack\",\"isPartOf\":{\"@id\":\"https:\/\/www.casino.org\/news\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.casino.org\/news\/mgm-had-f-cybersecurity-grade-prior-to-ransomware-attack\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.casino.org\/news\/mgm-had-f-cybersecurity-grade-prior-to-ransomware-attack\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.casino.org\/news\/wp-content\/uploads\/2023\/02\/aria.jpg\",\"datePublished\":\"2023-09-19T16:32:02+00:00\",\"dateModified\":\"2023-09-20T00:03:38+00:00\",\"author\":{\"@id\":\"https:\/\/www.casino.org\/news\/#\/schema\/person\/f4cecf70a5032bc4e60eb73fc86d4a85\"},\"description\":\"MGM had 'F' patching cadence grade before recent cybersecurity incident.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.casino.org\/news\/mgm-had-f-cybersecurity-grade-prior-to-ransomware-attack\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.casino.org\/news\/mgm-had-f-cybersecurity-grade-prior-to-ransomware-attack\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.casino.org\/news\/mgm-had-f-cybersecurity-grade-prior-to-ransomware-attack\/#primaryimage\",\"url\":\"https:\/\/www.casino.org\/news\/wp-content\/uploads\/2023\/02\/aria.jpg\",\"contentUrl\":\"https:\/\/www.casino.org\/news\/wp-content\/uploads\/2023\/02\/aria.jpg\",\"width\":1280,\"height\":720,\"caption\":\"MGM's Aria on the Las Vegas Strip. The operator is selling $850 million in corporate bonds. (Image: YouTube)\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.casino.org\/news\/mgm-had-f-cybersecurity-grade-prior-to-ransomware-attack\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"News\",\"item\":\"https:\/\/www.casino.org\/news\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Commercial Gaming\",\"item\":\"https:\/\/www.casino.org\/news\/commercial-gaming\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"MGM Had \u2018F\u2019 Grade for Cyber Vulnerability Prior to Hack\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.casino.org\/news\/#website\",\"url\":\"https:\/\/www.casino.org\/news\/\",\"name\":\"Casino.org\",\"description\":\"Latest Casino and Gaming News\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.casino.org\/news\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.casino.org\/news\/#\/schema\/person\/f4cecf70a5032bc4e60eb73fc86d4a85\",\"name\":\"Todd Shriber\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.casino.org\/news\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/www.casino.org\/news\/wp-content\/uploads\/2023\/03\/cropped-11-96x96.png\",\"contentUrl\":\"https:\/\/www.casino.org\/news\/wp-content\/uploads\/2023\/03\/cropped-11-96x96.png\",\"caption\":\"Todd Shriber\"},\"description\":\"Todd Shriber is a senior news reporter covering gaming financials, casino business, stocks, and mergers and acquisitions for Casino.org. Todd got his start in financial markets as a reporter with Bloomberg News. Later, he became a trader at a Southern California-based long\/short hedge fund, where he specialized in the trading sector and international ETFs leading up to and during the financial crisis. He joined Casino.org in 2019. Currently, Todd analyzes, researches, and writes on ETFs for various web-based publications and financial services firms. Shriber has been featured and quoted in Barron's, CNBC.com, and The Wall Street Journal. His work can also be found on Benzinga, ETF Daily News, ETF Trends, MarketWatch, Fox Business, and Nasdaq.com. He currently resides in Las Vegas, where he enjoys golf and taking his black lab to the dog park. He's also an avid sports fan and likes to wager on college football and the NBA. You can also find him at the three-card poker and roulette table, even though he knows better. Contact Todd at todd.shriber@casino.org.\",\"sameAs\":[\"https:\/\/muckrack.com\/todd-shriber\",\"https:\/\/www.linkedin.com\/in\/toddshriber\/\",\"https:\/\/x.com\/etfgodfather\"],\"url\":\"https:\/\/www.casino.org\/news\/author\/todd-shriber\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"MGM Had 'F' Cybersecurity Grade Prior To Ransomware Attack","description":"MGM had 'F' patching cadence grade before recent cybersecurity incident.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.casino.org\/news\/mgm-had-f-cybersecurity-grade-prior-to-ransomware-attack\/","og_locale":"en_US","og_type":"article","og_title":"MGM Had 'F' Cybersecurity Grade Prior To Ransomware Attack","og_description":"MGM had 'F' patching cadence grade before recent cybersecurity incident.","og_url":"https:\/\/www.casino.org\/news\/mgm-had-f-cybersecurity-grade-prior-to-ransomware-attack\/","og_site_name":"Casino.org","article_publisher":"https:\/\/www.facebook.com\/Casino.OrgNews","article_published_time":"2023-09-19T16:32:02+00:00","article_modified_time":"2023-09-20T00:03:38+00:00","og_image":[{"width":1280,"height":720,"url":"https:\/\/www.casino.org\/news\/wp-content\/uploads\/2023\/02\/aria.jpg","type":"image\/jpeg"}],"author":"Todd Shriber","twitter_card":"summary_large_image","twitter_creator":"@etfgodfather","twitter_site":"@Casino_Org","twitter_misc":{"Written by":"Todd Shriber","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.casino.org\/news\/mgm-had-f-cybersecurity-grade-prior-to-ransomware-attack\/","url":"https:\/\/www.casino.org\/news\/mgm-had-f-cybersecurity-grade-prior-to-ransomware-attack\/","name":"MGM Had 'F' Cybersecurity Grade Prior To Ransomware Attack","isPartOf":{"@id":"https:\/\/www.casino.org\/news\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.casino.org\/news\/mgm-had-f-cybersecurity-grade-prior-to-ransomware-attack\/#primaryimage"},"image":{"@id":"https:\/\/www.casino.org\/news\/mgm-had-f-cybersecurity-grade-prior-to-ransomware-attack\/#primaryimage"},"thumbnailUrl":"https:\/\/www.casino.org\/news\/wp-content\/uploads\/2023\/02\/aria.jpg","datePublished":"2023-09-19T16:32:02+00:00","dateModified":"2023-09-20T00:03:38+00:00","author":{"@id":"https:\/\/www.casino.org\/news\/#\/schema\/person\/f4cecf70a5032bc4e60eb73fc86d4a85"},"description":"MGM had 'F' patching cadence grade before recent cybersecurity incident.","breadcrumb":{"@id":"https:\/\/www.casino.org\/news\/mgm-had-f-cybersecurity-grade-prior-to-ransomware-attack\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.casino.org\/news\/mgm-had-f-cybersecurity-grade-prior-to-ransomware-attack\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.casino.org\/news\/mgm-had-f-cybersecurity-grade-prior-to-ransomware-attack\/#primaryimage","url":"https:\/\/www.casino.org\/news\/wp-content\/uploads\/2023\/02\/aria.jpg","contentUrl":"https:\/\/www.casino.org\/news\/wp-content\/uploads\/2023\/02\/aria.jpg","width":1280,"height":720,"caption":"MGM's Aria on the Las Vegas Strip. The operator is selling $850 million in corporate bonds. (Image: YouTube)"},{"@type":"BreadcrumbList","@id":"https:\/\/www.casino.org\/news\/mgm-had-f-cybersecurity-grade-prior-to-ransomware-attack\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"News","item":"https:\/\/www.casino.org\/news\/"},{"@type":"ListItem","position":2,"name":"Commercial Gaming","item":"https:\/\/www.casino.org\/news\/commercial-gaming\/"},{"@type":"ListItem","position":3,"name":"MGM Had \u2018F\u2019 Grade for Cyber Vulnerability Prior to Hack"}]},{"@type":"WebSite","@id":"https:\/\/www.casino.org\/news\/#website","url":"https:\/\/www.casino.org\/news\/","name":"Casino.org","description":"Latest Casino and Gaming News","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.casino.org\/news\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.casino.org\/news\/#\/schema\/person\/f4cecf70a5032bc4e60eb73fc86d4a85","name":"Todd Shriber","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.casino.org\/news\/#\/schema\/person\/image\/","url":"https:\/\/www.casino.org\/news\/wp-content\/uploads\/2023\/03\/cropped-11-96x96.png","contentUrl":"https:\/\/www.casino.org\/news\/wp-content\/uploads\/2023\/03\/cropped-11-96x96.png","caption":"Todd Shriber"},"description":"Todd Shriber is a senior news reporter covering gaming financials, casino business, stocks, and mergers and acquisitions for Casino.org. Todd got his start in financial markets as a reporter with Bloomberg News. Later, he became a trader at a Southern California-based long\/short hedge fund, where he specialized in the trading sector and international ETFs leading up to and during the financial crisis. He joined Casino.org in 2019. Currently, Todd analyzes, researches, and writes on ETFs for various web-based publications and financial services firms. Shriber has been featured and quoted in Barron's, CNBC.com, and The Wall Street Journal. His work can also be found on Benzinga, ETF Daily News, ETF Trends, MarketWatch, Fox Business, and Nasdaq.com. He currently resides in Las Vegas, where he enjoys golf and taking his black lab to the dog park. He's also an avid sports fan and likes to wager on college football and the NBA. You can also find him at the three-card poker and roulette table, even though he knows better. Contact Todd at todd.shriber@casino.org.","sameAs":["https:\/\/muckrack.com\/todd-shriber","https:\/\/www.linkedin.com\/in\/toddshriber\/","https:\/\/x.com\/etfgodfather"],"url":"https:\/\/www.casino.org\/news\/author\/todd-shriber\/"}]}},"_links":{"self":[{"href":"https:\/\/www.casino.org\/news\/wp-json\/wp\/v2\/posts\/290320"}],"collection":[{"href":"https:\/\/www.casino.org\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.casino.org\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.casino.org\/news\/wp-json\/wp\/v2\/users\/46"}],"replies":[{"embeddable":true,"href":"https:\/\/www.casino.org\/news\/wp-json\/wp\/v2\/comments?post=290320"}],"version-history":[{"count":5,"href":"https:\/\/www.casino.org\/news\/wp-json\/wp\/v2\/posts\/290320\/revisions"}],"predecessor-version":[{"id":290464,"href":"https:\/\/www.casino.org\/news\/wp-json\/wp\/v2\/posts\/290320\/revisions\/290464"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.casino.org\/news\/wp-json\/wp\/v2\/media\/261405"}],"wp:attachment":[{"href":"https:\/\/www.casino.org\/news\/wp-json\/wp\/v2\/media?parent=290320"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.casino.org\/news\/wp-json\/wp\/v2\/categories?post=290320"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.casino.org\/news\/wp-json\/wp\/v2\/tags?post=290320"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}