Hacking

MGM Resorts hit by a cyber attack

Hospitality and entertainment company MGM Resorts was hit by a cyber attack that shut down its systems at MGM Hotels and Casinos.

Hospitality and entertainment company MGM Resorts was the victim of a cyber attack, the IT infrastructure across the United States was shut down.

The incident was discovered on Sunday and affected hotel reservation systems in the United States and other IT systems that run the casino floors.

At the time of this writing, MGM Resorts the website of the company is unreachable.

MGM ResortsMGM Resorts

The New York Times reported some guests complained of problems with slot machines and hotel room access.

“KTNV 13, a TV station in Las Vegas, reported that multiple gambling machines at hotels had gone offline and that several guests were unable to charge anything to their rooms, make reservations or use their digital room keys.” states the New York Times. MGM Resorts said in a statement late Monday night that its resorts “continue to deliver the experiences for which MGM is known,” including its dining, entertainment and gaming options.”

“Our guests remain able to access their hotel rooms and our front desk staff is ready to assist our guests as needed,” the company said. “We appreciate your patience.”

The company confirmed the security incident with a post on X (formerly Twitter), it immediately launched an investigation into the incident with the help of cybersecurity experts.

Below is the note published by the company:

“MGM Resorts recently identified a cybersecurity issue affecting some of the Company’s systems. Promptly after detecting the issue, we quickly began an investigation with assistance from leading external cybersecurity experts. We also notified law enforcement and took prompt action to protect our systems and data, including shutting down certain systems.

Our investigation is ongoing, and we are working diligently to determine the nature and scope of the matter.”

The visible effects of the cyber attack suggest that the company was hit by a ransomware attack.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, MGM Resorts)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Coinbase data breach impacted 69,461 individuals

Cryptocurrency exchange Coinbase announced that the recent data breach exposed data belonging to 69,461 individuals.…

3 hours ago

U.S. CISA adds Ivanti EPMM, MDaemon Email Server, Srimax Output Messenger, Zimbra Collaboration, and ZKTeco BioTime flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti EPMM, MDaemon Email Server, Srimax Output…

6 hours ago

A critical flaw in OpenPGP.js lets attackers spoof message signatures

A critical flaw in OpenPGP.js, tracked as CVE-2025-47934, lets attackers spoof message signatures; updates have…

8 hours ago

SK Telecom revealed that malware breach began in 2022

South Korean mobile network operator SK Telecom revealed that the security breach disclosed in April…

11 hours ago

4G Calling (VoLTE) flaw allowed to locate any O2 customer with a phone call

A flaw in O2 4G Calling (VoLTE) leaked user location data via network responses due…

22 hours ago

China-linked UnsolicitedBooker APT used new backdoor MarsSnake in recent attacks

China-linked UnsolicitedBooker used a new backdoor, MarsSnake, to target an international organization in Saudi Arabia.…

1 day ago