Casino’s generally maintain state-of-the-art security systems, according to the movies anyway, and walking into these luxurious buildings we’re sure to believe they can afford the best of the best.
Sometimes, the best of the best, can still result in a data breach. That’s what happened at MGM Vegas.
MGM’s properties include; the MGM Grand, the Bellagio, ARIA, and Mandalay Bay, and they have not disclosed which, if not all, properties were affected in the breach (although the actual “hack” took place late last year).
According to ZDnet, “the personal details of more than 10.6 million users who stayed at MGM Resorts hotels have been published on a hacking forum (last) week.” These leaked files even contain personal information for, “celebrities, tech CEOs, reporters, government officials, and employees at some of the world’s largest tech companies.”
Now that’s a high-end list of individuals (including Justin Bieber) … Considering full names, addresses, phone numbers, emails and birthdates were leaked, we’re hoping they all have the proper protection to avoid fraud attempts and possible hacks into their emails, bank accounts, or identity.
So, how did one of the most famous Vegas hotels suffer a breach?
In a statement, MGM explained that “Last summer, we discovered unauthorized access to a cloud server that contained a limited amount of information for certain previous guests of MGM Resorts.” Limited of course, in the sense that there was no financial information or passwords stolen, but we’re sure to the guests who now have their personal info floating around the darkweb, “limited” is not the word they would choose.
All guests were notified of the breach, and MGM states they have two cybersecurity firms looking into why the server was exposed.
Until then, we just have to rely on their word, “At MGM Resorts, we take our responsibility to protect guest data very seriously, and we have strengthened and enhanced the security of our network to prevent this from happening again.”
The negative implication of course, is that the publicity of this “data dump on a very popular and openly accessible hacking forum” means the high-profile persons with leaked info are at risk for an increase in spear phishing attacks and SIM swapping.
While this may hurt MGM’s reputation, we are again reminded that contrary to the popular belief, what happens in Vegas, doesn’t stay in Vegas.
If you need assistance with cybersecurity services contact DarkHound at [email protected].
Image Source: https://unsplash.com/photos/0jH9HOxPBKw