Posted on: September 15, 2023, 07:59h.
Last updated on: September 15, 2023, 07:59h.
A major criminal organization responsible for recent cyberattacks on MGM Resorts and Caesars Entertainment has announced that they have stolen six terabytes of data from these casino giants.
An international hacking group known as Scattered Spider has taken responsibility for these cyberattacks. MGM fell victim to the attack on Sunday and continues to face significant disruptions to its operations in Las Vegas and throughout the US. It is reported that MGM is refusing to pay a ransom.
In contrast, Caesars chose to pay a ransom after its Caesars Rewards database was hacked on September 7. Caesars Palace and Paris Las Vegas operator revealed this information through a Securities and Exchange Commission filing. While no specific ransom amount was disclosed, reports suggest that the company settled for $15 million, after Scattered Spider initially demanded $30 million.
Reuters recently contacted representatives from Scattered Spider through the secure messaging platform Telegram. The media outlet was tipped off about an insider source from a cybersecurity expert. Telegram was the platform where data was shared during a previous hack of MGM’s systems in 2019.
Confidential Data Obtained
During the interview with Reuters, the spokesperson for Scattered Spider confirmed that their hack of Caesars successfully acquired personal information about the casino’s rewards members. This sensitive information included driver’s licenses and social security numbers.
Although the spokesperson did not disclose the details of the data stolen from MGM, they confirmed that the hack was also fruitful. When asked about the possibility of making the data public, the spokesperson gave a vague response.
If MGM wishes to release that information, they will. We do not do that,” the Scattered Spider spokesperson said.
Scattered Spider did not reveal the portion of the stolen six terabytes of data that belongs to MGM and Caesars respectively.
A terabyte is equivalent to 1,000 gigabytes of data. According to Dropbox, a cloud-based file hosting service, 1,000 gigabytes can store approximately 6.5 million document pages.
The Weakest Link
Cybersecurity experts emphasize that large companies like MGM and Caesars invest heavily in their IT security. However, successful hacks often result from human error and security officials being deceived by malicious actors.
Scattered Spider is known for impersonating employees of the targeted companies. The hackers frequently make phone calls to IT departments, with one common tactic involving a hacker pretending to be an employee who needs their email or login password reset.
Scattered Spider is widely recognized for its well-established social engineering capabilities, which many other groups lack. They are rumored to have a significant presence in the United States, an advantage not shared by many other groups,” said Drew Schmitt, practice lead at GuidePoint Security, a cybersecurity consultancy, in an interview with Casino.org.
“Regarding the MGM hack, there has been a lot of focus on the fact that a brief social engineering phone call resulted in widespread compromise within a large organization,” Schmitt explained. “Although we currently do not have the complete picture, this intrusion highlights potential cybersecurity gaps, and there is likely more to this attack than meets the eye.”
“Scattered Spider is highly determined and persistent in their operations. If it weren’t for this social engineering attempt, they may have employed other more technical methods. Sometimes attackers get lucky, and this could be one of those times,” Schmitt concluded.