Cybercrime

MGM Resorts Confirms ‘Cybersecurity Issue’, Shuts Down Systems

MGM Resorts confirms “cybersecurity incident” led to the shutdown of web sites and IT systems of hotels throughout the United States.

Ryan Naraine

September 11, 2023

Hospitality and entertainment giant MGM Resorts on Monday said a “cybersecurity issue” forced the shutdown of certain computer systems, including the websites for some of the biggest Las Vegas and New York properties.

A brief note posted to X (the website formerly known as Twitter) said external cybersecurity experts and law enforcement are involved in an investigation that has all the hallmarks of a ransomware extortion attack.

Here’s the full MGM Resorts statement:

“MGM Resorts recently identified a cybersecurity issue affecting some of the Company’s systems. Promptly after detecting the issue, we quickly began an investigation with assistance from leading external cybersecurity experts. We also notified law enforcement and took prompt action to protect our systems and data, including shutting down certain systems.

Our investigation is ongoing, and we are working diligently to determine the nature and scope of the matter.”

MGM Resorts properties include the Mandalay Bay (the site of the Black Hat security conference), Bellagio, MGM Grand, Aria, Luxor and the Cosmopolitan.

The incident began sometime on Sunday and affected hotel reservation systems throughout the United States and other IT systems that run the casino floors.

At 1:00PM PST Monday, services on the company’s homepage remained unavailable.

Advertisement. Scroll to continue reading.

Written By Ryan Naraine

Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. He is a security community engagement expert who has built programs at major global brands, including Intel Corp., Bishop Fox and GReAT. Ryan is a founding-director of the Security Tinkerers non-profit, an advisor to early-stage entrepreneurs, and a regular speaker at security conferences around the world.

Latest News

Click to comment

CIEM Chat: How to Reduce Cloud Identity Risk

March 26, 2024

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Virtual Event: Ransomware Resilience & Recovery Summit

April 17, 2024

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Building the Right Vendor Ecosystem – a Guide to Making the Most of RSA Conference

As you look to navigate RSA Conference, with so many vendors, approaches and solutions, how do you know what solutions you should be investing in? (Marc Solomon)

Why Using Microsoft Copilot Could Amplify Existing Data Quality and Privacy Issues

Microsoft provides an easy and logical first step into GenAI for many organizations, but beware of the pitfalls. (Alastair Paterson)

Beyond the Buzz: Rethinking Alcohol as a Cybersecurity Bonding Ritual

Jennifer Leggio makes the case for more alcohol-free networking events at conferences, and community-building opportunities for sober individuals working in cybersecurity. (Jennifer Leggio)

Navigating Vendor Speak: A Security Practitioner’s Guide to Seeing Through the Jargon

As a security industry, we need to focus our energies on those professionals among us who know how to walk the walk. (Joshua Goldfarb)

SD-WAN: Don’t Build a Dead End, Prepare for Future-Proof Secure Networking

SD-WAN must be scalable, stable, secure, and fully operational to serve as a strong base for seamless modernization and progression to SASE. (Etay Maor)

Cybercrime

Comodo Forums Hacked via Recently Disclosed vBulletin Vulnerability

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Eduard KovacsOctober 1, 2019