Posted on: October 30, 2023, 11:00h. 

Last updated on: October 30, 2023, 11:00h.

Marriott International and MGM Resorts International have decided to postpone their highly anticipated customer loyalty partnership until next year. This decision comes after MGM Resorts International experienced a ransomware attack in September, causing delays in their plans.

In July, Marriott International and MGM Resorts International announced the MGM Collection with Marriott Bonvoy. This strategic licensing agreement covers MGM’s 17 domestic properties, including those located on the Las Vegas Strip and the brand’s regional casino hotels. Originally set to take effect this month, the launch has now been pushed back to 2024.

The delay is believed to be a result of a cyberattack in September conducted by the hacking group “Scattered Spider.” Despite the setback, MGM has stated that the incident is behind them and that no ransom was paid to the hackers. However, the attack did lead to $10 million in one-time costs and a $100 million impact on MGM’s third-quarter earnings before interest, taxes, depreciation, amortization, and restructuring or rent costs (EBITDAR).

Reasons for the Delay

The delay in the Marriott and MGM partnership can be attributed to several factors. Both companies deal with significant amounts of sensitive customer data, and the recent cyberattack on MGM may have raised concerns about data security. Additionally, the large size and scope of their respective reward programs could have contributed to the decision to delay. MGM Rewards has over 40 million members, while Marriott Bonvoy has more than 180 million participants.

Given the potential reputational risk associated with cyberattacks, it is understandable that Marriott and MGM are taking a pragmatic approach to launching their partnership. Marriott has experienced cyberattacks in the past, including incidents in 2014, which resulted in a £24 million fine in the UK, as well as in 2020 and last year.

Possible Logistic Issues

While neither Marriott nor MGM have confirmed that the ransomware attack is the sole reason for the partnership delay, logistical factors may also be at play. The partnership involves multiple layers, and different MGM casino hotels are included in various tiers.

According to a statement issued by the companies in July, out of the 17 MGM resorts that will join the MGM Collection with Marriott Bonvoy, four properties will also be affiliated with existing Marriott collection brands. These include Bellagio Resort & Casino, which will join The Luxury Collection, ARIA Resort & Casino, which will join Autograph Collection, Park MGM, which will become part of Tribute Portfolio, and The Cosmopolitan of Las Vegas, which will continue its affiliation with Autograph Collection.

MGM’s other Las Vegas Strip venues, as well as five of the operator’s regional casinos including Borgata in Atlantic City, NJ, will also be part of the MGM Collection with Marriott Bonvoy.