Current:Home > BackCyberattacks strike casino giants Caesars and MGM-Angel Dreamer Wealth Society D1 Reviews & Insights
Cyberattacks strike casino giants Caesars and MGM
View Date:2024-12-24 07:24:03
LAS VEGAS — Casino company Caesars Entertainment on Thursday joined Las Vegas gambling rival MGM Resorts International in reporting that it was hit by a cyberattack, but added in a report to federal regulators that its casino and online operations were not disrupted.
The Reno-based publicly traded company told the federal Securities and Exchange Commission that it could not guarantee that personal information about tens of millions of customers was secure following a data breach Sept. 7 that may have exposed driver's license and Social Security numbers of loyalty rewards members.
"We have taken steps to ensure that the stolen data is deleted by the unauthorized actor," the company said, "although we cannot guarantee this result."
Brett Callow, threat analyst for the New Zealand-based cybersecurity firm Emsisoft, said it was not clear if a ransom was paid or who was responsible for the intrusion — and for the attack reported Monday by MGM Resorts.
"Unofficially, we saw a group called Scattered Spider claimed responsibility," Callow said. "They appear to be native English speakers under the umbrella of a Russia-based operation called ALPHV or BlackCat."
Scattered Spider also is known as UNC3944, said Charles Carmakal, chief technical officer at cybersecurity firm Mandiant. He called the group "incredibly disruptive and aggressive" in recent targeting of hospitality and entertainment organizations.
"They leverage tradecraft that is challenging for many organizations with mature security programs to defend against," Carmakal said in a statement.
Mandiant said in a blog analysis published Thursday the group uses SMS text phishing and phone calls to help desks to attempt to obtain password resets or multifactor bypass codes.
"This relatively new entrant in the ransomware industry has hit at least 100 organizations, most of them in the U.S. and Canada," Mandiant said.
Caesars is the largest casino owner in the world, with more than 65 million Caesars Rewards members and properties in 18 states and Canada under the Caesars, Harrah's, Horseshoe and Eldorado brands. It also has mobile and online operations and sports betting. Company officials did not respond to emailed questions from The Associated Press.
The company told the SEC that loyalty program customers were being offered credit monitoring and identity theft protection.
There was no evidence the intruder obtained member passwords or bank account and payment card information, the company reported, adding that operations at casinos and online "have not been impacted by this incident and continue without disruption."
The disclosure by Caesars came after MGM Resorts International, the largest casino company in Las Vegas, reported publicly on Monday that a cyberattack that it detected Sunday led it to shut down computer systems at its properties across the U.S. to protect data.
MGM Resorts said reservations and casino floors in Las Vegas and other states were affected. Customers shared stories on social media about not being able to make credit card transactions, obtain money from cash machines or enter hotel rooms. Some video slot machines were dark.
MGM Resorts has has about 40 million loyalty rewards members and tens of thousands of hotel rooms in Las Vegas at properties including the MGM Grand, Bellagio, Aria and Mandalay Bay. It also operates properties in China and Macau.
A company report on Tuesday to the SEC pointed to its Monday news release. The FBI said an investigation was ongoing but offered no additional information.
Some MGM Resorts computer systems were still down Thursday, including hotel reservations and payroll. But company spokesman Brian Ahern said its 75,000 employees in the U.S. and abroad were expected to be paid on time.
Callow, speaking by telephone from British Columbia, Canada, called most media accounts of the incidents speculative because information appeared to be coming from the same entities that claim to have carried out the attacks. He said recovery from cyberattacks can take months.
Callow pointed to reports that he called "plausible" that Caesars Entertainment was asked to pay $30 million for a promise to secure its data and may have paid $15 million. He also noted that the company did not describe in the SEC report the steps taken to ensure that the stolen data was secure.
The highest ransom believed to have been paid to cyber-attackers was $40 million by insurance giant CNA Financial, Callow said, following a data breach in March 2021.
"In these cases, organizations basically pay to get a 'pinky promise,'" he said. "There is no way to actually know that (hackers) do delete (stolen data) or that it won't be used elsewhere."
veryGood! (42)
Related
- John Robinson, successful football coach at USC and with the LA Rams, has died at 89
- Jessica Biel and Son Silas Timberlake Serve Up Adorable Bonding Moment in Rare Photo at U.S. Open
- Memphis City Council sues to reinstate gun control measures on November ballot
- Jack White threatens to sue over Trump campaign staffer's use of White Stripes song
- Just Eat Takeaway sells Grubhub for $650 million, just 3 years after buying the app for $7.3 billion
- What to watch: Not today, Satan! (Not you either, Sauron.)
- Artem Chigvintsev Previously Accused of Kicking Strictly Come Dancing Partner
- Sister Wives' Robyn and Kody Brown List $1.65 Million Home for Sale
- Mike Tyson has lived a wild life. These 10 big moments have defined his career
- Here's why pickles are better for your health than you might think
Ranking
- Brianna LaPaglia Addresses Zach Bryan's Deafening Silence After Emotional Abuse Allegations
- Neighbor held in disappearance of couple from California nudist resort. Both believed to be dead
- Reactions to the deaths of NHL star Johnny Gaudreau and his brother Matthew Gaudreau
- Feds: U.S. student was extremist who practiced bomb-making skills in dorm
- Sam LaPorta injury update: Lions TE injures shoulder, 'might miss' Week 11
- Will Lionel Messi travel for Inter Miami's match vs. Chicago Fire? Here's the latest
- ‘Dancing With the Stars’ pro Artem Chigvintsev arrested on domestic violence charge in California
- Women behind bars are often survivors of abuse. A series of new laws aim to reduce their sentences
Recommendation
-
As CFP rankings punish SEC teams, do we smell bias against this proud and mighty league?
-
One person is under arrest after attack on Jewish students, the University of Pittsburgh says
-
Oregon law rolling back drug decriminalization set to take effect and make possession a crime again
-
1 officer dead, 2 officers injured in Dallas shooting; suspect dead, police say
-
Watch a rescuer’s cat-like reflexes pluck a kitten from mid-air after a scary fall
-
Canadian rail union says it has filed lawsuits challenging back-to-work orders
-
Farmers in 6 Vermont counties affected by flooding can apply for emergency loans
-
Dwyane Wade Admits He and Gabrielle Union Had “Hard” Year in Tenth Anniversary Message