MGM Resorts takes action over massive data hack

More than 10.6million guests have had their data leaked after the cyber attack, according to reports.

MGM Resorts has properties in Las Vegas and across the US.
MGM Resorts has properties in Las Vegas and across the US.

The stolen personal information of 10.6 million guests of MGM Resorts hotels was posted to a hacking forum this week, according to reports.

Last night an MGM Resorts official confirmed to C&IT that there had been a data hack last summer. The data exposed included names, addresses and passport numbers of previous guests.

The company said it was "confident" no financial information had been exposed but could not confirm exactly how many people had been affected because the data that was exposed may have been duplicated.

In a statement handed to C&IT, an MGM Resorts spokesperson said: “Last summer, we discovered unauthorised access to a cloud server that contained a limited amount of information for certain previous guests of MGM Resorts. 

“We are confident that no financial, payment card or password data was involved in this matter. MGM Resorts promptly notified guests potentially impacted by this incident in accordance with applicable state laws.

“Upon discovering the issue, the company retained two leading cybersecurity forensics firms to assist with its internal investigation, review and remediation of the issue.

“At MGM Resorts, we take our responsibility to protect guest data very seriously, and we have strengthened and enhanced the security of our network to prevent this from happening again.”

Celebrities including Justin Bieber and Twitter founder Jack Dorsey were among those affected, according to a report from ZDNet. But these leaks have not been confirmed by MGM. 

Much of the data that was stolen was "phonebook" information such as names, telephone numbers and email addresses, which MGM said was already available publicly.

Around 1,300 former guests were notified that more sensitive information including passport numbers had been revealed, it has been reported. 

Some 52,000 customers were told that less sensitive personal information was exposed, according to the BBC, though this was only part of the number affected. 

MGM resorts are in Las Vegas, Atlantic City and Detroit in the US, but also has properties in China and Japan and is developing a new Dubai resort.

In 2017, Marriott Hotels was on the end of a much larger data breach exposing 500 million guests, linked to alleged Chinese state-sponsored hackers.

MGM did not immediately respond when asked to confirm whether the details of the ZDnet report were completely accurate.

For more features and breaking news sign up to C&IT Magazine's daily Newstracker.

Have you registered with us yet?

Register now to enjoy more articles
and free email bulletins.

Register now
Already registered?
Sign in

Andrew McCorkell recommends

Marriott suffers mass data hack

Read more
In pictures: Events industry joins nationwide NHS tribute

In pictures: Events industry joins nationwide NHS tribute

As the UK came together to thank frontline healthcare workers, venues did their bit to mark the occasion.

Fears freelancers will be forced into debt despite UK chancellor’s intervention

Fears freelancers will be forced into debt despite UK chancellor’s intervention

Relief for freelancers welcomed by HBAA chair amid concerns many will have to take out loans before a payout in June.

How many MICE businesses have a complete travel ban in place?

How many MICE businesses have a complete travel ban in place?

Nearly 2,000 MICE professionals reveal whether their company has banned business travel in part three of C&IT's Impact of Coronavirus Report.

LIVE UPDATES: Which international events are being cancelled

LIVE UPDATES: Which international events are being cancelled

All the latest postponements and cancellations as the world deals with the spread of coronavirus.

Events industry applauds ExCeL's hospital transformation

Events industry applauds ExCeL's hospital transformation

The conference venue is expected to be ready for action as a huge coronavirus hospital by next week.

‘Kill the agenda, it gets in the way of creativity’

‘Kill the agenda, it gets in the way of creativity’

A detailed event schedule doesn’t leave much room for flexibility or self-expression, says INVNT’s Adam Harriden.

How coronavirus is changing event contracts and insurance forever

How coronavirus is changing event contracts and insurance forever

A need for more detailed contracts has been highlighted in C&IT’s Impact of Coronavirus Report, which surveyed 2,000 event professionals.

Aeorema Communications acquires Eventful

Aeorema Communications acquires Eventful

The deal marks Aeorema's 'conviction in the future and recovery of the events and MICE industry'.

Largest stimulus bill in US history agreed

Largest stimulus bill in US history agreed

A nearly $2-trillion package will boost the US economy amid the COVID-19 outbreak after both sides of the senate reached an agreement.

Industry support line launched by Stress Matters

Industry support line launched by Stress Matters

Help by phone and Whatsapp is available to event professionals who would like to talk to a trained mental health first aider.