Everything we know about the MGM Cyberattack

Cybersecurity specialist at work
Cyberattacks involving ransomware are a growing threat to organizations worldwide in the digital age. One recent incident that has captured global attention is the MGM cyberattack. As one of the largest entertainment companies in the world, MGM’s security breach has raised concerns about data protection and cybersecurity measures across industries. In this article, we aim to delve into everything we know about this significant cyberattack—its impact, implications, and potential consequences for not only MGM but also countless other businesses navigating the perilous waters of cyberspace. By unravelling the details surrounding this attack, we hope to shed light on its magnitude and provide invaluable insights for individuals and organizations striving to fortify their defences against such malicious acts in our ever-evolving digital landscape.

When was MGM hacked? History repeats itself

MGM first suffered a breach that took place in 2019, although the exact date of the breach remains undisclosed. The incident garnered widespread attention due to MGM’s prominence as one of the world’s leading entertainment companies. This security breach has sparked discussions and heightened anxieties about data protection and cybersecurity measures not only within MGM but also across various industries globally. A North Korean hacking group stole and published the information of over 10 million account holders.
Just a few weeks ago there was another security incident that forced MGM and partner resorts to pay millions in ransom to have their IT system fully operational and prevent customer data from being sold on the dark web. At the time of writing (Sept. 25, 2023), many of their systems are still down including slot machines, payment terminals and smartphone applications. This has led to a significant decline in both customer satisfaction and revenue.

How did the MGM hacks happen?

The first MGM hack is believed to have been a result of a data breach that occurred in 2019. The attack involved the personal information of over 10. The personal information of six million previous customers has been exposed online. Reports suggest that the hackers gained unauthorized access to MGM’s network through phishing emails, which deceived employees into clicking on malicious links or providing sensitive information.
In 2019, once inside MGM’s system, the hackers were able to move laterally and gain access to additional databases containing guest details, including names, addresses, phone numbers, and email addresses. It is unclear whether payment card information was compromised in this attack.
In 2023, it’s believed that a social engineering scheme was used to gode an MGM employee into giving login credentials or access to a rogue actor. The social media platform that was used to target MGM employees was LinkedIn. Once access was obtained, the hacking group, whom the internet is speculating is a group called Scattered Spider, used ransomware-as-a-service to lock MGM’s networks and applications until their demands were met. A large quantity of data was also stolen from Caesars entertainment group. If you believe your personal information may be part of the Caesars data theft, you can learn more here.
These incidents highlight the importance of robust cybersecurity measures for organizations like MGM and serve as a wake-up call for businesses globally regarding the need for comprehensive data protection practices. As cyberattacks continue to evolve in sophistication and volume, organizations across industries must remain vigilant in their efforts to safeguard sensitive customer information from falling into the wrong hands.
Is LinkedIn still safe to use or am I at risk of a social engineering scam?
In the era of increasing cyber threats, concerns about data protection and cybersecurity measures have arisen across industries. In light of such incidents, it is essential to assess whether platforms like LinkedIn are still safe to use or if there is an elevated risk of falling victim to social engineering scams.
LinkedIn remains a generally safe platform for professional networking and job searching. The company implements various security measures to protect user data from breaches or unauthorized access. However, no platform can entirely eliminate all risks associated with social engineering scams targeting individuals’ personal information. It is crucial for users to remain vigilant when interacting on LinkedIn and avoid clicking on suspicious links or sharing sensitive details with unknown connections.
Overall, while LinkedIn employs security protocols aimed at protecting user privacy, the evolving nature of cybercrime means there will always be some degree of risk involved in online activities. Staying informed about current threats and practicing good digital hygiene can help mitigate these risks effectively. LinkedIn has a large security team. Protect your organization by having a cybersecurity assessment; contact us today.
Who are the hackers behind the MGM hack?
Many journalists have speculated that this breach may be linked to a hacking group known as Scattered Spider. They are notorious for infiltrating websites and stealing sensitive data by injecting malicious codes into payment pages. Their primary objective is to steal credit card information and other personally identifiable information (PII) from unsuspecting victims.
While it is still unclear who exactly was responsible for the MGM hack, some experts believe that nation-state actors may be involved due to the scale and sophistication of the attack. Nation-states often conduct cyberattacks against foreign organizations for various reasons, such as intelligence gathering or retaliation against geopolitical adversaries. The stolen data from this incident could potentially be used for espionage purposes or sold on underground markets, highlighting the level of danger posed by these sophisticated hackers.
Regardless of their exact identities, this attack serves as a wake-up call for businesses worldwide to enhance their cybersecurity measures and prioritize robust data protection strategies. Organizations must invest in advanced threat detection systems, employee training programs, encryption technologies, and regular vulnerability assessments to mitigate future risks posed by skilled hackers like those behind the MGM breach.
Cybersecurity specialist working on computer
How can I tell if my cybersecurity plan incorporates defence sensors?
To determine if your cybersecurity plan incorporates defence sensors, there are several key indicators to look for. Firstly, a comprehensive plan should include the deployment of various types of sensors throughout the network infrastructure. These sensors can range from simple intrusion detection systems (IDS) to more advanced tools that monitor and analyze network traffic in real-time.
In addition, your cybersecurity plan should also outline how these defence sensors integrate with other security measures in place. This includes their ability to share information with firewalls, antivirus software, and threat intelligence platforms, allowing for a coordinated response to emerging cyber threats.
Finally, the effectiveness of your cybersecurity plan can be assessed by evaluating whether appropriate personnel are trained in operating and monitoring these defence sensors. Regular assessments and reviews should be conducted to ensure that the sensors are up-to-date and configured correctly according to best practices.
By incorporating defence sensors into your cybersecurity plan, you can significantly enhance your organization’s ability to detect and respond to cyber threats effectively.
How much have companies like Ceasars paid the hackers?
There is no concrete information available regarding how much companies like Ceasars have paid the hackers involved in the MGM cyberattack, but estimates are over $80 million and this figure does not fully account for lost revenue. As a professional entertainment giant, MGM has not disclosed any specific details on ransom payments made to the attackers. It is common for targeted organizations to refrain from discussing such matters publicly due to legal and reputation concerns. Information related to financial transactions between victims and hackers remains largely undisclosed and shrouded in confidentiality.
However, it is important to note that paying ransoms can encourage further cyberattacks incentivizing criminals with significant financial gains. Many security experts advise against giving in to hacker demands as it perpetuates this dangerous cycle of exploitation. Instead, businesses are encouraged to prioritize preventative measures through robust cybersecurity protocols, employee training, and regular software updates among other strategies aimed at mitigating potential breaches before they occur.
What is the most famous hack in history?

The most famous hack in history is difficult to determine definitively, as there have been numerous high-profile cyberattacks over the years. However, one incident that stands out is the Sony Pictures hack of 2014. This attack, attributed to North Korean hackers, resulted in a massive data breach where sensitive employee information and internal company emails were leaked online. The impact of the Sony Pictures hack was far-reaching, not only affecting the entertainment industry but also raising concerns about national security and diplomatic relationships.

Another infamous cyberattack in 2017 when Equifax, one of the largest credit reporting agencies in the United States, suffered a major breach compromising personal information from approximately 148 million consumers. The fallout from this incident included lawsuits and investigations into Equifax’s handling of security measures and highlighted weaknesses within critical infrastructure systems.
These two examples demonstrate that cyberattacks can have consequences for both businesses and individuals alike. They served as reminders that no organization or individual is immune to cybersecurity threats and underscored the importance of robust defensive strategies to mitigate potential damages.
How can Global Edge 2020 Inc. help prevent social engineering scams and hacks like the recent MGM cyberattack?
We play a crucial role in preventing social engineering scams and hacks like the recent MGM cyberattack. One way we can help is by implementing robust security measures, such as multifactor authentication, to provide information. By requiring users to provide multiple forms of identification before granting access, we can greatly reduce the chances of unauthorized individuals gaining entry to our clients’ systems.
Additionally, our agency can educate employees about recognizing and reporting phishing attempts and other social engineering tactics commonly used by hackers. Regular training sessions and simulated phishing campaigns can raise awareness among staff members and empower them to act as the first line of defence against cyber threats.
Furthermore, round the clock monitoring and analysis of network traffic allow us to identify any suspicious or abnormal activities that may indicate a potential security breach. With real-time threat detection capabilities, we can quickly respond to incidents before they escalate into full-scale attacks.
Overall, through proactive prevention strategies, employee education programs, and advanced threat detection technologies, our cybersecurity agency works tirelessly to safeguard businesses from social engineering scams and hacks like the one at MGM. We have network security administrators and cybersecurity specialists ready to assist you by calling 403-266-5238 / 1-888-226-3910. Or visit our contact page.