MGM Resorts International Targeted by Hackers in Recent Cyber Attack
Published on: October 12, 2023, 01:12h.
Last updated on: October 12, 2023, 01:12h.
A notorious group of hackers known as “Scattered Spider” recently breached the technology systems of major casino operators. In a surprising move, the hackers delayed making any financial demands from MGM Resorts International (NYSE: MGM) for several days.
MGM CEO Bill Hornbuckle disclosed in an interview with Bloomberg that the company had already been battling the ransomware attack for several days before Scattered Spider demanded compensation. MGM had already initiated the process of fortifying its cyber defenses when the hackers made their financial requests.
“I’d love to tell you there was this, you know, ‘a jump on a white horse moment and devil be damned — we’re not paying these bastards,’” Hornbuckle told Bloomberg’s Margi Murphy. “The reality is because we caught this so early and we were on them.”
The cyber attack had a significant impact on MGM’s operations. The company stated that it expects third-quarter earnings to be reduced by $100 million, and it incurred one-time costs of at least $10 million related to the incident.
Eventful September for MGM
The hackers initiated the attack on MGM’s systems on September 7, although the ransom demand did not arrive until several days later.
During that time, Scattered Spider wreaked havoc on MGM’s operations across the US. The attack caused long check-in lines, delays in employee payments, and disrupted gaming machines.
Interestingly, the cyber thieves had previously targeted MGM’s rival, Caesars Entertainment (NASDAQ: CZR), and received a $15 million payment from the company. Hornbuckle expressed surprise, noting that MGM was unaware of the ransomware attack on Caesars until after they were dealing with their own attack.
Reports indicate that Scattered Spider gained access to Caesars’ network through an external vendor. The breach is believed to have started on August 27.
MGM and Caesars are two major operators on the Las Vegas Strip, with a significant presence in regional casinos throughout the country.
MGM Refused to Pay Ransom
Caesars and MGM responded differently to the attacks by Scattered Spider. Some critics may argue that MGM would have been better off paying the hackers. However, the FBI advises against complying with ransom demands, as it only encourages further attacks. Hornbuckle did not disclose the amount of the ransom demand but expressed relief that MGM did not pay.
MGM’s systems have been fully restored, and any financial damage will be covered by insurance, primarily affecting the third quarter.