MGM Resorts Faces Extensive Operations Disruption Due To Major Cybersecurity Incident

(CTN NEWS) – MGM Resorts, the operator of casinos and lodging facilities, has temporarily halted several of its computer systems, including its website, due to a significant cybersecurity concern, as announced through a social media post on Monday.

The initial shutdown had far-reaching effects on virtually every aspect of the casino operator’s operations.

Reservation systems, booking systems, electronic key card systems for hotels, and even the functionality of the casino floors were all evidently impacted by this unexpected disruption.

By Monday evening MGM released an update stating that its resort properties have multiple processes in place that allow them to operate and serve guests manually during time of computer system disruption which is provided below.

Guests can check into and out of our hotels through the front desk.

Guests can gain access to their rooms using a physical key if their digital key is inoperative. Physical keys can be obtained at the front desk.

Guests can obtain dining reservations by calling our restaurants directly during their normal operating hours, or by talking with a property Concierge.

Impact of Cybersecurity Incident on MGM’s Operations

In response to the cybersecurity incident, the company’s email systems were also temporarily disabled and have not yet been restored.

As of Monday evening, the casino floors have been brought back online. However, the reservation systems that manage their extensive hotel room inventory and the booking system responsible for restaurant reservations remain unavailable.

This continued outage persists more than a day after the initial reports of the incident began circulating.

MGM manages an extensive portfolio of hotel rooms across Las Vegas and throughout the United States. According to information disclosed in SEC filings, their revenue generated from hotel rooms in Las Vegas surpasses the revenue directly associated with their casino operations.

For the quarter ending on June 30, the company reported Las Vegas room revenue totaling $706.7 million, in contrast to casino revenue amounting to $492.2 million during the same period.

In response to the situation, MGM swiftly initiated an investigation, enlisting the expertise of reputable external cybersecurity professionals.

The company also promptly informed law enforcement agencies and took decisive measures to safeguard their systems and data, which included the temporary shutdown of specific systems.

This information was conveyed through a post on X, formerly known as Twitter/;.

pic.twitter.com/nxIweGInsB

— MGM Resorts (@MGMResortsIntl) September 11, 2023

Developments Surrounding MGM’s Cybersecurity Incident and Government Response

The FBI has acknowledged its awareness of the ongoing incident but has refrained from providing additional details.

On Monday, MGM’s shares experienced a decline of nearly 2.4%.

Visitors to MGM’s website are now greeted with a landing page instructing them to contact the hotels or casinos directly by phone.

The exact commencement time of the system outage remains unclear, although some social media users reported issues with MGM’s systems as early as Sunday night.

This is not the first time the company has faced cybersecurity challenges. In 2020, personal information belonging to over 10 million MGM guests was disclosed on a hacking forum. The data breach occurred during the summer of 2019, as reported by the company at that time.

The extent of the government’s response, aside from the involvement of the FBI, remains uncertain. The government identified the “commercial facilities sector,” encompassing gaming and lodging, as critical infrastructure back in 2003.

The Department of Homeland Security underscored the potential consequences of a significant communication breakdown or a deliberate cyberattack within this sector in a 2015 sector-specific plan.

Warning that such events could substantially disrupt financial transactions and essential operations, jeopardize the privacy of customer and company data, pose threats to company integrity and reputation, and result in significant legal and economic burdens.

RELATED CTN NEWS:

Canada Truck Attack: Landmark Trial Begins For Accused In Hate-Motivated Murder Of Muslim Family

India vs. Bharat: Supreme Court Rulings And Constituent Assembly Debates | Explained

U.S. Citizens Gather To Commemorate 22nd Anniversary Of 9/11 Across The Nation