MGM and Caesars Hacks - September 2023

 
 

What happened?

MGM

On September 11th, MGM reported that they were dealing with a cybersecurity issue. Those issues included problems with hotel room keys, slot machines, their main website, and other hotel electronics. September 20th everything was back to normal(ish). On October 5th MGM announced that attackers access PII including: names; contact information; gender; date of birth; driver’s license; passport social security numbers for some customers dating back to March 2019.

Scattered Spider claimed responsibility for the hack. The gang got in using social engineering techniques. They pretended to be an IT employee and called the IT help desk to get access to the environment. Ransomware by Alphv/BlackCat was suspected to be deployed in the environment.

Caesars

The company said they suffered a data breach that compromised the information of loyalty program members. The compromised information included social security and driver’s license numbers and other personal information.

Scatter Spider is reported to be the threat actor in this hack as well utilizing the same types of social engineering techniques.

Impact

MGM

The company lost about $100 million based on their third quarter financial results. MGM has a policy that covers about $200 million for incidents like this.

Caesars

The company paid $30 million dollars in ransom to have the threat actors delete the data. Class action lawsuits have been filed against Caesars.

Links

The chaotic and cinematic MGM casino hack, explained - by Sara Morrison - Vox - October 2023

MGM Resorts’ Las Vegas area operations to take $100M hit from cyber attack - David Jones - Cyber Security Dive - October 2023

Caesars reportedly paid millions to stop hackers releasing is data - Steve Dent - Engadget - September 2023

Massive MGM and Caesars Hacks Epitomize a Vicious Ransomware Cycle - Lily Hay Newman - Wired - September 2023

Caesars Paid Ransom After Suffering Cyberattack - Katherine Sayre and Robert McMillian - Wall Street Journal (paywall) - September 2023

Caeasars Entertainment faces class action lawsuits following rewards database hackvid Jones - Cyber Security Dive

- September 2023