MGM casinos still reeling from ‘cybersecurity issue’ | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware


MGM’s casinos in Las Vegas continued to be plagued by “cybersecurity issue” on Friday — five days after getting hacked — with many slot machines silenced while guests squawked about broken elevators and poor service.

One person staying at MGM Resorts-owned Aria said the hotel was handing out so-called “guest recovery voucher to any hotel guest who complains about basically anything at all this weekend,” according to a post on social media platform X.

The $25 voucher says the hotel “sincerely apologizes if any part of your visit has been less than exceptional.”

Another user on the site formerly known as Twitter posted a photo showing a case of water in an elevator.

“Front desk mentioned some of the elevators were randomly getting stuck,” the user captioned the post.

It was unclear which of the 12 MGM-operated hotels on the Las Vegas Strip this particular user was staying at.

Casino floors in Las Vegas looking uncharacteristically dark — a sign that MGM has not reached an agreement with the ransomware group behind the attack.
Brian Prahl /
MGM Resorts International operates 31 hotels — 12 of which are located on the Las Vegas Strip.

Meanwhile, a video shared of Aria’s casino showed dozens of gaming machines with blacked-out screens displaying an “out of service” message, while over in the lobby, a long line stretched at the reception desk.

Another clip showed the Aria slots malfunctioning, with screens flickering in a very apparent software issue.

“The Aria slot machines are extra hacked today,” the user captioned the post.

MGM has remained vague about the nature of the hack — which reportedly affected its hotels in Las Vegas and seven other states — though assured guests that “the vast majority of our property offerings currently remain operational,” and the hotel was still accepting reservations “through third-party booking sites.”

Many slot machines displayed “out of service” messages, while those that were working required handpay, meaning an MGM staffer dished out winnings in cash.
Rachael Hooks/Twitter

An update shared to the company website said that as of Friday, MGM Resorts was still being affected by a cybersecurity issue.

A gambler who won on a working Bellagio slot machine showed that winnings are only being paid out by hand, with an MGM staffer dishing out the cash.

Besides eye-watering financial losses and offline slot machines, other reports over the past few days included guests getting locked out of their rooms, hotel phones not working and MGM’s company website crashing.

Staffers at Aria were handing out $25 vouchers that could be used on food or drinks to placate guests.
Las Vegas Locally/Twitter

According to digital security watchdog site Cybernews, the hackers behind the breach — which the outlet identified as the ALPHV/BlackCat (ALPHV) ransomware group — issued a statement around 8 p.m. on Thursday threatening “additional attacks” if their ransom demands are not met.

MGM has yet to say whether it plans to comply with the hackers.

Representatives for MGM did not immediately respond to The Post’s request for comment.

Shares of MGM Resorts International were down nearly 2%, to $40.97, on Friday, as the company continued grappling with its cybersecurity woes.

Because company computers were also affected by the cyberattack, check-in lines grew painstakingly long.
Jacob Orth/Twitter

Meanwhile, Caesars Entertainment on Thursday reportedly paid roughly $15 million in an attempt to placate hackers who threatened to leak the sensitive customer data stolen during a summer cyberattack.

The Las Vegas casino giant’s payout was approximately half of the $30 million that the hackers had demanded, according to The Wall Street Journal.

Caesars admitted that the hackers breached its systems through a “social engineering attack on an outsourced IT support vendor,” according to a regulatory filing.

The hackers stole a copy of the Caesars’ loyalty program database, including the driver’s license numbers and Social Security numbers “for a significant number” of customers.

Caesars did not identify the culprits behind the cyberattack, which reportedly began around Aug. 27 with the help of a group called Scattered Spider or UNC 3944.

Click Here For The Original Source.

National Cyber Security