MGM confirms “limited number” of users’ SSN exposed in hack

MGM Grand
Image: Shutterstock

MGM Resorts has admitted that a limited number of customers have had sensitive information such as social security numbers and passport numbers exposed during the recent cyber attack. 

The casino operators offered all stakeholders an update on the specifics of the attack, which also left its properties out of action for almost two weeks. 

MGM also stated that for a larger number of customers, more general pieces of data were compromised. These include the name, phone number, email address, postal address, gender, date of birth, and driver’s license number of those involved.

However, the operator stated its confidence that passwords and bank account information were not affected by the cyber attack. 

A statement read: “Promptly after learning of this issue, MGM Resorts took steps to protect its systems and data, including shutting down certain systems. The Company also quickly launched an investigation with the assistance of leading cybersecurity experts and is coordinating with law enforcement.  

“MGM Resorts takes the security of its systems and data very seriously and has put in place additional safeguards to further protect its systems.

“MGM Resorts is notifying relevant customers by email as required by applicable law and has arranged to provide those customers with credit monitoring and identity protection services at no cost to them.  

“Individuals who receive an email from MGM Resorts about this issue should refer to that email for additional information and instructions for enrolling in these services.

Caesars Entertainment was also forced to admit that social security numbers were compromised in a cyber attack last month, and is offering free identity theft protection to those affected. 
In a recent episode of iGaming Daily, SBC Americas chatted to Justin Albrecht, Director of Global Mobile Threat Intelligence at Lookout about the cyber attack on the operators and those behind the attack.