Caesars Entertainment and MGM Resorts Hit by Cyberattacks: Las Vegas Struggles with Ransomware


Las Vegas, the iconic entertainment hub, has fallen victim to a series of ransomware attacks, with Caesars Entertainment and MGM Resorts being the latest casualties. The cyberattacks are believed to be orchestrated by the ALPHV/BlackCat ransomware gang. It has sent shockwaves through the city’s hotel and casino giants.

Caesars Entertainment’s $30 Million Ransom

Reports emerged that Caesars Entertainment quietly paid a $30 million ransom to the attackers, a week before MGM Resorts faced a similar situation. The attacks are now attributed to a relatively unknown hacker group called “Scattered Spider,” also known as UNC 3944. Targeting Caesars Entertainment as early as August 27th, threatening to release stolen company data if they do not pay the ransom.

Scattered Spider: The Culprit Behind Caesar’s Attack

The group behind the attacks, Scattered Spider (UNC 3944), has been active since 2022. Composed of English-speaking members from the US and UK, the group employs phishing attacks, SMS phishing, SIM swapping, and remote access tools to breach and compromise organizations. Their primary targets span several countries, including the US, UK, Germany, France, Italy, Canada, Australia, and Japan. Scattered Spider shares toolset usage with Alpha/BlackCat, indicating a potential affiliate relationship with the ransomware-as-a-service outfit.

MGM Resorts’ Financial Woes

MGM Resorts, the first victim of the cyber onslaught, suffered devastating financial losses. The attack forced the company to shut down parts of its network systems, disrupting guest services, room keys, and casino operations across its resorts on the Las Vegas Strip. The breach has caused front desk queues, communication outages, and even the use of physical room keys. MGM Resorts now faces the challenge of restoring normalcy, a process estimated to take at least two weeks.

Notably, these attacks may have far-reaching consequences beyond immediate disruptions. Research indicates that cybercriminals may exploit these high-profile breaches by offering stolen data from MGM customers on the dark web. Data from previous MGM breaches in 2019 and 2022 continues to circulate in underground markets. Cybersecurity experts warn that loyalty club databases, like MGM Rewards, provide valuable information for cyber criminals engaging in financial fraud, identity theft, and other cybercrimes.

Urgent Need for Data Security After Caesars Attack

The recent breaches highlight the increasing sophistication of malicious actors. Businesses, particularly those in high-profile industries like hospitality, must prioritize data security with proactive measures. Understanding data, its locations, and access points is crucial to preventing and mitigating cyber threats.

The cyberattacks in Las Vegas serve as a stark reminder of the ever-present and evolving cybersecurity challenges that organizations face in the digital age. Vigilance and swift action are imperative to safeguard against such threats.

For more news and updates on Cybersecurity, visit The Cybersecurity Club.

Post navigation

Leave a Reply

Your email address will not be published. Required fields are marked *

Artificial Intelligence In Cybersecurity: Insights from Industry Experts

ROK Portal Hoax by North Korean Hackers to Steal Data

Taiwan Semiconductor Refused To Pay $70M To The Attacker Gang

Hackers claim it only took a 10-minute phone call to shut down MGM Resorts