MGM Resorts International, the largest casino owner in Las Vegas, suffered a cybersecurity breach that affected its reservations and casino operations. Customers reported issues ranging from inaccessible casino rewards accounts to non-functional hotel room cards, with some even canceling their trips. The breach persisted for nearly a week. In a related incident, Caesars Entertainment, the world’s largest casino owner, also confirmed a cybersecurity attack. While their casino and hotel operations remained unaffected, the security of personal data for tens of millions of their customers was uncertain. A hacker group claimed responsibility for the attack on Caesars, demanding a $30 million ransom. Experts warn that if ransoms are paid, more attacks could follow.
The breaches have prompted an FBI investigation and challenged the public’s perception of casino security. While casinos like MGM and Caesars invest heavily in sophisticated security measures, no system is entirely foolproof. Yoohwan Kim, a computer science professor at the University of Nevada, Las Vegas, emphasized that hackers often exploit minute human-related weaknesses, such as phishing. Tony Anscombe from cybersecurity company ESET suggested that the breaches might have been “socially engineered attacks,” where hackers use tactics like phone calls or phishing emails to infiltrate systems. As companies grapple with the aftermath, experts stress the importance of preparation for potential future attacks.