Hospitality and entertainment company MGM Resorts was the victim of a cyber attack, the IT infrastructure across the United States was shut down.
The incident was discovered on Sunday and affected hotel reservation systems in the United States and other IT systems that run the casino floors.
At the time of this writing, MGM Resorts the website of the company is unreachable.
The New York Times reported some guests complained of problems with slot machines and hotel room access.
“KTNV 13, a TV station in Las Vegas, reported that multiple gambling machines at hotels had gone offline and that several guests were unable to charge anything to their rooms, make reservations or use their digital room keys.” states the New York Times. MGM Resorts said in a statement late Monday night that its resorts “continue to deliver the experiences for which MGM is known,” including its dining, entertainment and gaming options.”
“Our guests remain able to access their hotel rooms and our front desk staff is ready to assist our guests as needed,” the company said. “We appreciate your patience.”
The company confirmed the security incident with a post on X (formerly Twitter), it immediately launched an investigation into the incident with the help of cybersecurity experts.
Below is the note published by the company:
“MGM Resorts recently identified a cybersecurity issue affecting some of the Company’s systems. Promptly after detecting the issue, we quickly began an investigation with assistance from leading external cybersecurity experts. We also notified law enforcement and took prompt action to protect our systems and data, including shutting down certain systems.
Our investigation is ongoing, and we are working diligently to determine the nature and scope of the matter.”
The visible effects of the cyber attack suggest that the company was hit by a ransomware attack.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, MGM Resorts)
Google addressed a Chrome's Password Manager bug that caused user credentials to disappear temporarily for…
The Internet Systems Consortium (ISC) released BIND security updates that fixed several remotely exploitable DoS…
Terrorist groups are increasingly using cyberspace and digital communication channels to plan and execute attacks.…
Progress Software addressed a critical remote code execution vulnerability, tracked as CVE-2024-6327, in the Telerik Report…
A critical flaw in some versions of Docker Engine can be exploited to bypass authorization…
The CVE-2024-21412 flaw in the Microsoft Defender SmartScreen has been exploited to deliver information stealers…
This website uses cookies.