12 September 2023

MGM Resorts shuts down IT systems following security incident


MGM Resorts shuts down IT systems following security incident

The casino and hotel chain MGM Resorts International said it was hit by a cyberattack that affected some of its IT systems, including the main website, online reservations, and in-casino services, like ATMs, slot machines, and credit card machines.

The company said it has launched an investigation into the incident and shut down some of its systems as a precautionary measure.

According to reports on social media, the outage that took place on Sunday night, impacted ATM cash dispensers and slot machines at MGM’s Las Vegas casinos, and forced the company to switch to manual operations. Guests also reported that they couldn’t charge anything to their rooms and were unable to use their digital room keys.

The company said that all of MGM’s Grand Hotels & Casinos properties have been impacted by outages, including MGM Grand, Bellagio, Cosmopolitan, Aria, New York-New York, Park MGM, Excalibur, Luxor, Mandalay Bay and Delano.

The FBI said it is aware of the incident and characterized the event as “still ongoing” without disclosing any details.


Back to the list

Latest Posts

What is Vulnerability Management? A Beginner's Guide

What is Vulnerability Management? A Beginner's Guide

In this article will try to cover basics of vulnerability management process and why it is important to every company.
11 September 2024
Cyber Security Week in Review: September 6, 2024

Cyber Security Week in Review: September 6, 2024

In brief: the US charges Russian GRU hackers for attacks on Ukraine, Apache, Cisco, Zyxel patch high-risk flaws, Google fixes Android zero-day, and more.
6 September 2024
Threat actors using MacroPack Red Team framework to deploy Brute Ratel, Havoc and PhantomCore

Threat actors using MacroPack Red Team framework to deploy Brute Ratel, Havoc and PhantomCore

Some of the documents appeared to be part of legitimate Red Team exercises, while other were intended for malicious purposes.
5 September 2024