Both MGM Resorts and Caesars Entertainment have come under cyberattack, with systems compromised and consequences ranging from dark slot machines to hotel room key cards that stopped working.
Cyberattacks Strikes MGM Resorts and Caesars Entertainment In Las Vegas
The attack began at MGM Resorts on September 10, 2023 and later spread to Caesars Entertainment. Guests noticed slot machines went dark, electronic key cards stopped working, tabs could not be opened at restaurants or bars, and login to the app was disabled.
While MGM reports that most systems are back online, it has waived all cancellation fees and still has been unable to restore functionality to its app. It is not clear at this point how much data consumer data, if any, was compromised.
Groups including ALPHV/Black Cat and Scattered Spider have claimed responsibility for these attacks. These groups prey upon vulnerabilities by taking over systems and holding them ransom for big payouts, often 7-8 digits. Caesars Entertainment reportedly paid $15 million to regain access to its systems.
Interestingly, ALPHV defended its MGM cybertalk on “Robin Hood” grounds, claiming MGM insiders are selling stocks and no executives have bought it over the last year. Even more interesting, the group claims that MGM’s pain was somewhat self-inflicted when it chose to shut down all its systems preemptively, making it easier for hackers to penetrate firewalls.
https://twitter.com/aejleslie/status/1702417787006673076?
I was considering one last Las Vegas run this week just to take all the pressure off of requalifying for World of Hyatt Globalist status, but I have been unable to log into my MGM app for the last week in order to make the reservation.
CONCLUSION
Guests at Caesars Entertainment and MGM Resorts in Las Vegas this week are encountering a number of inconveniences as a cyberattack spreads into its second week.
I almost opened this story by joking that the militant wing of the Bonvoy Army has launched a preemptive attack on MGM to stop Hyatt members from profiting in the waning days of the partnership, but this is really not a laughing matter. Wars in the future will be fought electronically and obtaining supremacy over your own data becomes more important by the day.
What’s even more frightening is that one would imagine MGMs systems to be one of the most secure in the world. The fact that these groups can dig in so easily is scary. Makes you see how vulnerable everything is out there. And that we are really being toyed with.
Caesars was wrong to pay these terrorists as it only enables their behavior. And I believe the government should be involved up to, and including drone strikes to kill those behind this. Sounds extreme but at what point do they move on to hospitals, power grids and other essential services?
They are terrorists and should be dealt with as such.
I agree with you.
I won’t advocate straight up killing the groups responsible for casino hacks, but other than that, yes they need to to otherwise treat it at least a precursor to what a real Russian/Chinese cyber warfare would look loke
I’m not sure bunker-buster bombs targeting Mama’s basement are prudent, but we see why (for example), support is so strong for Nayib Bukele in El Salvador when 1.) crime is rampant and 2.) he executes criminals.
It’s not just Vegas casinos getting hacked. It’s small businesses, it’s county and municipal governments, it’s non-profits and NGOs. Sadly, paying the ransom is often the most economical option. Without meaningful help from an outside party (like the FBI) what decision would you make?
This is so interesting, Oceans type stuff. And kind of scary when you realize how much security these Casinos have.
Most hackers that do this are based in Russia, Iran, North Korea and similar countries. While hacking is always possible most companies refuse to spend on top security talent and instead spend money on over paid executives so you largely get what you deserve. Often companies that get hacked do so because they refuse to take proper precautions. Kind of like some person with medical issues who refuse dietary changes, exercise or even take prescribed medications.
It would be nice if there weren’t hackers but also be nice if companies used common sense.