Connect with us

Hi, what are you looking for?


Cyber Insurance

MGM Resorts Says Ransomware Hack Cost $110 Million

MGM Resorts said costs from a disruptive ransomware hack has exceeded $110 million, including $10 million in one-time consulting cleanup fees.

MGM Resorts ransomware

Hospitality and entertainment giant MGM Resorts said costs from last month’s debilitating ransomware infection have exceeded $110 million, including $10 million in one-time consulting clean-up fees.

In an SEC 8-K filing, MGM Resorts said the data-extortion attack caused operational disruptions, especially in its Las Vegas properties, and an estimated financial toll that includes about $100 million in lost revenue.

MGM Resorts, which manages prominent hotels like Mandalay Bay (site of the Black Hat security conference), Bellagio, MGM Grand, Aria, Luxor and the Cosmopolitan, said it also shelled out $10 million for technology consulting services, legal fees and expenses of other third party advisors. 

The company confirmed “disruptions” at some of its properties but said the breach did not cause the loss of any customer bank account numbers or payment card details.

However, MGM Resorts said the hackers stole personal information (including name, contact information (phone number, email address and postal address), gender, date of birth and driver’s license numbers).

“For a limited number of customers, Social Security numbers and passport numbers were also obtained by the criminal actors,” the company added.

“The types of impacted information varied by individual. At this time, [we] do not believe that customer passwords, bank account numbers or payment card information were obtained by the criminal actors. In addition, the Company does not believe that the criminal actors accessed The Cosmopolitan of Las Vegas systems or data,” MGM Resorts added.

A known ransomware gang called Scattered Spider has taken credit for the September hack that impacted MGM’s website, casinos, and systems used for email, restaurant reservations, and hotel bookings, and even digital hotel room keys. 

Advertisement. Scroll to continue reading.

Scattered Spider, according to published reports, also hacked casino giant Caesars Entertainment and collected millions in data extortion ransom payments.

Related: MGM Resorts Confirms ‘Cybersecurity Issue’, Shuts Down Systems

Related: Ransomware Gang Takes Credit for Disruptive MGM Resorts Cyberattack

Related: MGM Hackers Broadening Targets, Monetization Strategies

Written By

Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. He is a security community engagement expert who has built programs at major global brands, including Intel Corp., Bishop Fox and GReAT. Ryan is a founding-director of the Security Tinkerers non-profit, an advisor to early-stage entrepreneurs, and a regular speaker at security conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.


As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

Cyber Insurance

Cyberinsurance and protection firm Boxx Insurance raises $14.4 million in a Series B funding round led by Zurich Insurance.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


A SaaS ransomware attack against a company’s Sharepoint Online was done without using a compromised endpoint.

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...


Several major organizations are confirming impact from the latest zero-day exploits hitting Fortra's GoAnywhere software.