Hotel and casino giant MGM Resorts has revealed that it is investigating a "cybersecurity incident" that has resulted in its website being taken offline, an outage of online booking systems, and even problems with slot machines.
According to social media posts by frustrated guests, even ATM and credit card machines were disrupted - which must be alarming to any chain of casinos.
Some resort guests have even reportedly been left struggling to enter their rooms, according to a BBC News report, with staff resorting to distributing physical keys to holiday-makers.
The main website of MGM Resorts is down, with visitors greeted by a simple message suggesting they use the telephone to make hotel reservations, or use third-party booking companies to buy tickets for shows and attractions.
On Twitter, MGM Resorts posted early on Monday that it had "recently identified a cybersecurity issue affecting some of the company's systems."
The company says that it has sought assistance from external experts, and has notified law enforcement of what - lets be honest - sounds like a ransomware attack.
MGM Resorts says that its investigation into the incident is ongoing, and in a follow-up tweet, said that its resorts' dining, entertainment, and gaming facilities were currently operational.
Unfortunately, MGM Resorts is no stranger to cybersecurity "incidents" in recent years.
In early 2020, it was revealed that the details of over 10 million hotel guests - including then-Twitter boss Jack Dorsey and pop star Justin Bieber - had had their personal details posted online by hackers.
That breach, which MGM linked to unauthorised access to a cloud-based server, included guests' names, addresses, phone numbers, dates of birth, and email addresses - raising concerns that cybercriminals could use the information in further attacks and identity theft.
Obviously there will be concerns that if malicious hackers have managed to breach MGM Resorts' systems again that they may have also successfully exfiltrated more customer data.
MGM Resorts consists of 28 resorts including the luxurious Aria, Bellagio, Cosmopolitan, Excalibur, Luxor, MGM Grand, Mandalay Bay, and New York New York hotels in Las Vegas. However, the attack is thought to have impacted resorts across the United States.
tags
Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s.
View all postsNovember 14, 2024
September 06, 2024