MGM Resorts has been deeply impacted by a cyberattack that has impaired gaming services at venues across the United States. The cyberattack, which began late on Sunday according to widespread reports, caused the shutdown of casino gaming, reservation systems, hotel room keys, ATMs, email systems and other casino activity digitally linked to MGM's servers.
The cyberattack may be ransom-based, according to at least one Las Vegas outlet. MGM immediately contacted several law-enforcement agencies, while also taking down systems that may have been at-risk but were not necessarily hacked in the attack.
MGM's virtual industry-wide cyber shutdown even included its own online home at mgmresorts.com, through which its corporate information and services remained unavailable as of Monday. Visitors seeking information on hotel reservations were instead presented with a list of MGM's US properties, along with the corresponding phone numbers, to allow for some offline customer service to continue. Scattered reports indicated that some of the impacted properties had managed to restore partial operation by Monday evening, though many of the casino giant's services remain unavailable.
Investigation ongoing
MGM did manage to post an update on the situation on its @MGMResortsIntl Twitter/X account, which included the following:
“MGM Resorts recently identified a cybersecurity issue affecting some of the Company’s systems. Promptly after detecting the issue, we quickly began an investigation with assistance from leading external cybersecurity experts. We also notified law enforcement and took prompt action to protect our systems and data, including shutting down certain systems. Our investigation is ongoing, and we are working diligently to determine the nature and scope of the matter.”
The @VitalVegas account was the first to report on the situation after reports of systems being taken offline at Las Vegas's Bellagio casino, one of several MGM properties in that city:
Later, @VitalVegas declared that it wasn't the first time that MGM had been hit with such an attack, and that rival Caesars Entertainment had also been hit by a ransomware attack in recent weeks. MGM suffered a massive attack in 2020, while the alleged recent attack on Caesars, if true, went unreported in mainstream outlets but is likely to emerge within that company's future financial reports.
Poker services also impacted
The majority of the gaming-system impact centered on slot mchines, which are almost always connected to loyalty systems and may also be linked to multi-venue jackpots. Still, poker offerings didn't escape the effects of the cyberattack.
Several reports emerged of MGM-owned casinos being unable to use their seat-reservation systems for poker seats, since these were also linked to players' loyalty-card numbers. In most cases the rooms appeared to remain open, but may have limited games and tourneys. The MGM Grand poker room in Las Vegas, for example, cited "connectivity issues" with Bravo, whcch tracks its table activity, though some cash games and a single nightly tourney were ongoing:
MGM Springfield, near Boston, noted its inability to reserve seats via call-in: