Cyberattack cost MGM Resorts about $100 million, Las Vegas company says


Cyberattack cost MGM Resorts about $100 million, Las Vegas company says

MGM Resorts International, the Las Vegas-based parent company of resorts such as the Bellagio and MGM Grand, recently disclosed that it suffered a cyberattack resulting in a financial cost around $100 million.

The attack, which occurred in February, was discovered and deemed to be “not material” to MGM’s financial performance by the company’s executive team. Days later, MGM provided an update, recognizing the costs from the attack had grown past the initial assessment and would now amount to around $100 million.

MGM said while many of the investigation’s details have been kept secret, it is believed hackers illegally accessed customer data, including names, pleading addresses, dates of birth, social security numbers and passport numbers. The company’s expected data breach class-action legal fees have been factored-in as part of the estimated costs.

MGM also noted that the attack on its systems is believed to be part of an ongoing attack on the entire hospitality industry, remarking that “multiple other large organizations have recently experienced similar, or even larger cyber-attacks” of their networks.

The resort company said it didn’t anticipate the loss to result in customer losses or to have a negative long-term effect on its operations.

MGM is now working on proactively resetting passwords it believes may have been vulnerable and alerting customers of the need to do the same for their own accounts. The company also will be launching a call center to handle any potential inquiries, which should be active and operational in the coming days.