Security News > 2020 > July > Leaked Details of 142 Million MGM Hotel Guests Found for Sale on Dark Web
Researchers have found 142 million personal details from former guests at the MGM Resorts hotels for sale on the Dark Web, evidence that a data leak from the hotel chain last summer may be far bigger in scope than previously thought.
In the ad, the hacker makes a connection between the newly advertised credentials and a previously known leak of personal details of more than 10.6 million guests who had stayed at MGM Resorts.
"However, what was not reported was that MGM Grand Hotels was also breached, consisting of 142 million entries," according to the underground forum ad. MGM Resorts International is the parent company for the MGM Grand as well as some of the most iconic and well-known resorts in Las Vegas, including the Bellagio, Mandalay Bay, the Mirage and Luxor.
As there is no "MGM Grand Hotels" in the chain-merely the MGM Grand and the parent company MGM Resorts - it's not entirely clear which properties specifically contributed the 142 million credentials being sold online.
There is evidence that the breach could have affected up to 200 million MGM clients, according to Tuesday's ZDNet report, which cited posts on Russian-speaking hacking forums promoting the sale of even more MGM credentials.
News URL
https://threatpost.com/leaked-details-142-million-mgm-hotel-guests/157402/
Related news
- Dark Web Monitoring: What's the Value? (source)
- Cheap ransomware for sale on dark web marketplaces is changing the way hackers operate (source)
- Dell customer order database of '49M records' stolen, now up for sale on dark web (source)
- What Is the Dark Web? (source)
- Owner of Incognito dark web drugs market arrested in New York (source)