MGM Resorts attackers hit personal data jackpot, but house lost $100M

2023-10-06 15:30

MGM Resorts has admitted that the cyberattack it suffered in September will likely cost the company at least $100 million.

According to an 8K filing with the Securities and Exchange Commission on Thursday, MGM Resorts said less than $10 million has also been spent on "One-time expenses" such as legal and consultancy fees, and the cost of bringing in third-party experts to handle the incident response.

"Operations at the company's domestic properties have returned to normal and virtually all of the company's guest-facing systems have been restored," said MGM Resorts.

"MGM Resorts is notifying relevant customers by email as required by law and has arranged to provide those customers with credit monitoring and identity protection services at no cost to them. Individuals who receive an email from MGM Resorts about this issue should refer to that email for additional information and instructions for enrolling in these services."

It's thought to be an affiliate of the ransomware-as-a-service group AlphV, a group that made public statements about the attack on its website, claiming to have launched ransomware on MGM Resorts' systems, impacting more than 100 ESXi hypervisors.

MGM Resorts is yet to detail the full nature of the cyberattack and has not officially confirmed if ransomware was involved or not.

News URL

https://go.theregister.com/feed/www.theregister.com/2023/10/06/mgm_resorts_cyberattack_cost/

#MGM #personaldata