Two months after MGM Resorts filed legal action against the Federal Trade Commission in the D.C. District Court, the FTC has struck back, filing its own petition in Nevada.
The petition requests the court compell MGM Resorts to comply with the FTC’s investigation into the September 2023 cyberattack on the company. In its court filings, MGM argued that, since it is not a financial institution, it is not subject to the group’s Civil Investigation Demand (CID). The casino company also asked for FTC Chair Lina Khan to dismiss herself from the case since she was on site when the cyberattack in Las Vegas took place.
While there has been little progress in the D.C. District Court case, the FTC has taken action in Nevada, filing a request for the court to compel MGM to follow the CID. The complaint argues that MGM failed to explain why they would not be subject to the CID.
“MGM may argue, as it did in its PTQ, that it is not the type of entity subject to the Safeguards Rule and Red Flags Rule (respectively, a “financial institution” or “creditor”) and therefore the CID is improper. That argument is meritless. In the first instance, MGM’s jurisdictional objection has no bearing on the CID’s requests for information relevant to unfair or deceptive acts or practices violating Section 5 of the FTC Act, and MGM cannot deny that it is subject to the FTC Act.”
FTC argued that, as an institution that extends customers credit, MGM Resorts very much qualifies as a financial institution.
The FTC is asking for the court to force MGM’s hand. If the court rules in favor of the FTC, MGM will have ten days to respond to the information requested in the CID.
