Hospitality and entertainment giant MGM Resorts on Monday said a “cybersecurity issue” forced the shutdown of certain computer systems, including the websites for some of the biggest Las Vegas and New York properties.
A brief note posted to X (the website formerly known as Twitter) said external cybersecurity experts and law enforcement are involved in an investigation that has all the hallmarks of a ransomware extortion attack.
Here’s the full MGM Resorts statement:
“MGM Resorts recently identified a cybersecurity issue affecting some of the Company’s systems. Promptly after detecting the issue, we quickly began an investigation with assistance from leading external cybersecurity experts. We also notified law enforcement and took prompt action to protect our systems and data, including shutting down certain systems.
Our investigation is ongoing, and we are working diligently to determine the nature and scope of the matter.”
MGM Resorts properties include the Mandalay Bay (the site of the Black Hat security conference), Bellagio, MGM Grand, Aria, Luxor and the Cosmopolitan.
The incident began sometime on Sunday and affected hotel reservation systems throughout the United States and other IT systems that run the casino floors.
At 1:00PM PST Monday, services on the company’s homepage remained unavailable.
Related: BetMGM Confirms Breach Affecting 1.5 Million Customers
Related: Hospitality Chain Hit by Ransomware Attack
Related: Payments Giant NCR Hit by Ransomware