Caesars Entertainment Reports Data Stolen in Cyberattack, Joining Rival MGM

Caesars Entertainment on Thursday reported to the Securities and Exchange Commission that it was hit by a cyberattack on Sept. 7 and customer data was stolen, though its operations were unaffected.
The disclosure comes as Caesars rival MGM Resorts International is still attempting to resolve a cyberattack that shut down many of its casino and online operations beginning on Sunday.
In its SEC filing, Caesars said it detected “suspicious activity” in its network resulting from a “social engineering attack on an outsourced IT support vendor.” The company said the hacker obtained its loyalty program database, “which includes driver’s license numbers and/or social security numbers for a significant number of members.”
The company said that so far it has “no evidence” the hacker acquired member passwords/PINs, bank account information, or payment card information, but that it is continuing to investigate the extent of any additional data that may have been stolen.
“We have taken steps to ensure that the stolen data is deleted by the unauthorized actor, although we cannot guarantee this result,” Caesars said in the filing. It’s unclear what steps were taken, but some reports suggest a ransom was paid to the hacker.
Caesars said its “customer-facing operations, including our physical properties and our online and mobile gaming applications, have not been impacted by this incident and continue without disruption.”
Meanwhile, MGM Resorts International said Thursday it was still working to resolve its “cybersecurity issue,” which began on Sunday, forcing the company to shut down computer and casino systems at more than a dozen properties across the U.S.
“Promptly after detecting the issue, we quickly began an investigation with assistance from leading external cybersecurity experts,” the company said in a statement Monday. “We also notified law enforcement and took prompt action to protect our systems and data, including shutting down certain systems.”
The security breach began affecting systems on Sunday, rendering many hotel systems inoperable, as well as casino and online betting systems. The company’s MGM Grand Las Vegas website and BetMGM Nevada websites were unavailable for days. The company’s main website was still down as late as Thursday, displaying only a list of properties and their phone numbers, but appeared active again Friday.
The company said the investigation was ongoing, and it was still working to determine the “nature and scope” of the breach. It did not release any details on who may be responsible for the attack.
Both companies have said they are in contact with relevant law enforcement agencies along with the Nevada Gaming Control Board.
Earlier this week, malware research group VX-Underground said in a post on X, formerly Twitter, that the ransomware group “ALPHV,” also known as Black Cat, was allegedly responsible for the attack on MGM.
“All ALPHV ransomware group did to compromise MGM Resorts was hop on LinkedIn, find an employee, then call the Help Desk. A company valued at $33,900,000,000 was defeated by a 10-minute conversation,” VX-Underground said.
Authorities have not confirmed that claim.
Bloomberg News reported on Wednesday that the same group was responsible for the attack on Caesars, and that the company “paid tens of millions of dollars” to the hackers.
Caesars did not disclose whether it paid a ransom, but said in its filing that “we have incurred, and may continue to incur, certain expenses related to this attack, including expenses to respond to, remediate and investigate this matter.”
“Lady luck is not on our side when we are evaluating security incidents. In addition to power and control, the ransom technique has proved effective when threats escalate to releasing data or creative harm to customers or communities. The reported average paid is $5 million, with reports of up to $30 million,” said AI adviser and tech executive Marva Bailer.
She said that even “sophisticated companies” are not immune to these attacks.
“Ninety-five percent of cyber-attacks are a result of human error. The technology systems are sophisticated and operate under the Zero Trust Model. Humans by nature trust and verify, or in many cases are operating from pure trust, leaving an open door for bad actors to take full advantage and cause widespread harm,” Bailer said.
“These attacks are not isolated one-time occurrences, keeping companies in an offensive mode. Over 50% of these large enterprises mitigate risk with cyber insurance. The market is expected to reach $84.62 billion by 2023,” Bailer said. “These policies may cover ransom money, extortion-related expenses, and restoration of the enterprise.”
TMX contributed to this article.