Unveiling the MGM Cyber Attack: A $100 Million Breach

MGM Cyber Attack

In the interconnected world of the 21st century, cyber attacks have become an ever-looming threat, capable of wreaking havoc on even the most robust of systems. MGM Resorts, a hospitality and entertainment behemoth, found itself at the center of such a storm when it disclosed a cyber security issue on September 11, 2023. What followed was not just a disruption of services but a revelation of vulnerabilities that cost the company a staggering $100 million. This article delves into the intricacies of the MGM cyber attack, from its origins to its aftermath, shedding light on the implications for both the company and its customers.

The Genesis of the Attack:

The first signs of trouble emerged when MGM Resorts, a name synonymous with luxury and entertainment, announced a cyber security issue that sent shockwaves through the industry. The attack, which struck at the heart of MGM’s digital infrastructure, targeted key systems including its main website, online reservations platforms, and in-casino services such as slot machines and ATMs. What initially seemed like a technical glitch soon unraveled into a full-blown cyber crisis, revealing the extent of the breach and the sophistication of the threat actors involved.

Unmasking the Perpetrators:

In the aftermath of the attack, all eyes turned to the identity of the hackers responsible for the breach. It didn’t take long for MGM Resorts to point fingers at an affiliate of the notorious BlackCat/ALPHV ransomware gang known as Scattered Spider. These cybercriminals, adept at exploiting vulnerabilities and employing social engineering tactics, managed to infiltrate MGM’s network with alarming ease. Their actions not only resulted in the theft of sensitive customer data but also in the encryption of over a hundred ESXi hypervisors, crippling MGM’s IT infrastructure and disrupting its business operations.

Counting the Cost:

As the dust settled, MGM Resorts found itself grappling with the financial fallout of the cyber attack. The company disclosed in a FORM 8-K filing with the SEC that the incident had led to an estimated loss of $100 million in Adjusted Property EBITDAR for its Las Vegas Strip Resortsand Regional Operations. This substantial hit to earnings was further compounded by additional expenses exceeding $10 million, incurred for risk remediation, legal fees, third-party advisory services, and incident response measures. Despite the hefty price tag, MGM expressed confidence in its cybersecurity insurance coverage, assuring stakeholders that the financial impact would be contained within the third quarter of 2023.

Navigating the Aftermath:

In the wake of the cyber attack, MGM Resorts embarked on a mission to contain the damage and restore normalcy to its operations. The company’s swift response saw the gradual resumption of guest-facing systems, with assurances that any remaining offline systems would soon be brought back online. However, the road to recovery was fraught with challenges, as MGM worked tirelessly to shore up its defenses and fortify its digital infrastructure against future threats. The incident served as a sobering reminder of the ever-evolving nature of cyber warfare and the critical importance of robust cybersecurity measures in safeguarding against such attacks.


The MGM cyber attack stands as a cautionary tale for businesses across industries, underscoring the immense risks posed by cyber threats in today’s hyper-connected world. As MGM Resorts continues to recover and rebuild in the aftermath of the breach, the incident serves as a stark reminder of the need for constant vigilance and investment in cybersecurity defenses. For consumers, it highlights the importance of safeguarding personal information in an era where data breaches have become all too common. Ultimately, the MGM cyber attack serves as a wake-up call for businesses and individuals alike, reminding us that in the digital age, the cost of complacency can be staggering.

Frequently Asked Questions (FAQs)

  1. What exactly happened in the MGM cyber attack?

The cyber attack targeted MGM Resorts’ digital infrastructure, compromising its main website, online reservations systems, and in-casino services, leading to the theft of customer data and the encryption of critical IT systems.

  1. Who were the perpetrators behind the attack?

The cyber attack was orchestrated by an affiliate of the BlackCat/ALPHV ransomware gang known as Scattered Spider, employing social engineering tactics to breach MGM’s network.

  1. How much did the cyber attack cost MGM Resorts?

The attack resulted in an estimated loss of $100 million in earnings for MGM’s Las Vegas Strip Resorts and Regional Operations, along with additional expenses exceeding $10 million for risk remediation and legal fees.

  1. Will MGM Resorts be fully covered by its cybersecurity insurance?

Yes, MGM expects to be fully covered by its cybersecurity insurance, mitigating the financial impact of the breach.

  1. Has MGM restored all guest-facing systems affected by the attack?

Yes, MGM has restored all guest-facing systems, with any remaining offline systems expected to resume normal operations in the coming days.