Cyberattack on MGM allegedly carried out by ALPHV/BlackCat ransom group

According to Chris Denbigh-White, Chief Security Officer for Next DLP, casinos are both repositories of «substantial wealth and vast volumes of personal and financial data» that allow little tolerance for operational downtime.

According to Denbigh-White, this «makes them exceptionally alluring prey for cyber-criminal syndicates on the hunt for financial gain.»

The threat actors themselves, according to vx-underground, have admitted guilt, although as of the time this story was written, ALPHV/BlackCat has not mentioned the attack on its dark leak pages.

The MGM hospitality group had to shut down its network infrastructure due to a hack that occurred on Monday, rendering guest rooms unusable, digital room keys useless, slot machines broken, ATMs unusable, and casino floors empty.

The operator of hotel casinos on the Las Vegas Strip, including the Bellagio, Aria, Cosmopolitan and Excalibur, pre-emptively shut down large parts of its internal networks after discovering the breach on Sunday, one of the people said.

After learning of the intrusion on Sunday, the operator of hotel casinos on the Las Vegas Strip, including the Bellagio, Aria, Cosmopolitan, and Excalibur, preemptively shut down significant portions of its internal networks, according to one of the sources.

Chaos resulted from the attempt to contain the hackers. Key cards for thousands of hotel rooms stopped working, slot machines stopped paying out prizes electronically, and electronic transfers of profits slowed down. MGM declined to comment when contacted.

The Nevada Gaming Control Board was informed of the impact of the breach, the FBI announced that it was conducting an investigation, and state governor Joe Lombardo coordinated with local and federal law enforcement, according to a statement from the board.