MGM Resorts International and the Las Vegas-based retail casino giant’s loyalty program, MGM Rewards, may have been hacked by a Russian cyber gang called ALPHV, according to a nonprofit group that collects malware information. VX-Underground tweeted on Sept. 12 that ALPHV is claiming credit for a cyberattack that’s plagued MGM for four days. Meanwhile, BetMGM, MGM’s online casino gambling arm, appears unaffected.
VX-Underground posted on X yesterday about the MGM Resorts outage:
All ALPHV ransomware group did to compromise MGM Resorts was hop on LinkedIn, find an employee, then call the Help Desk.
A company valued at $33,900,000,000 was defeated by a 10-minute conversation.
As of 6:30 p.m. today. that post had been viewed more than 1.2 million times.
In the replies to the post, VX-Underground said MGM may not be willing to pay the ransom. Two of the post’s commenters mentioned Caesars Entertainment paid hackers in order to avoid this fate. The Wall Street Journal reports Caesars paid hackers $15 million for relief from a cyberattack “late this summer.”
Commenters speculated that the non-payment is why MGM Resorts sites are still down.
Bonus checked today on the MGM Resorts and MGM Rewards sites and got this message on both:
The MGM Resorts website is currently unavailable.
We apologize for the inconvenience.
The notice continues, suggesting diners download the MGM Rewards app to make restaurant reservations, book entertainment options via Ticketmaster, and click on the AXS site for arena events.
If the entire situation is a turnoff for hotel guests, MGM Resorts says:
For hotel reservations arriving September 13-17, 2023, we understand your travel plans may have changed, so we are waiving change and [cancellation] fees.
Meanwhile, BetMGM and Borgata websites are still accepting online casino, sports, and poker bets, Bonus saw today on the Pennsylvania sites.
BetMGM is a joint venture between MGM Resorts (MGM Resorts International 36,51 -0,94%) and Entain (Entain PLC 947,40 +3,20%). So it’s unsurprising that its loyalty program’s site, BetMGM Rewards, was also functioning today.
Meanwhile, the Borgata Online Rewards site worked today, but visitors got an error message similar to MGM Resort’s when they clicked on the website for the Borgata Hotel, Casino, and Spa in Atlantic City.
The Land-Based Experience
The MGM Grand Detroit is the leading retail casino in Michigan. In August, it had 47% of the market share, with all three casinos bringing in $104.9 million in revenue, according to the gaming regulator. The Michigan Gaming Control Board (MGCB) released those numbers yesterday.
So, a reporter decided to look at how the Detroit casino was faring. Dan Holmes wrote up his findings for PlayMichigan, a Catena Media site. Bonus is also a Catena publication.
The MGM Grand Detroit casino has all of its slot machines and gaming tables open, but a few gaming features are not available to customers.
According to the information desk staff at MGM Grand Detroit, customers cannot use free play, cannot get cash advances or use ATMs, and they cannot write checks.
Any gaming-related account service that requires an internet connection seems to be unavailable or limited at this time.
What MGM Resorts Says
The MGM Resorts investor site has been working and includes a press statement the company made yesterday:
MGM Resorts recently identified a cybersecurity issue affecting certain of the Company’s systems. Promptly after detecting the issue, we began an investigation with assistance from leading external cybersecurity experts. We also notified law enforcement and are taking steps to protect our systems and data, including shutting down certain systems. Our investigation is ongoing, and we are working diligently to resolve the matter. The Company will continue to implement measures to secure its business operations and take additional steps as appropriate.
Indeed, the MGM Cotai and Macau site was operational today.
Historic Cyberattacks on Retail Casino Sites
Caesars paid the ransom for the cyberattack it endured this summer, the WSJ reported.
In 2020, two Fremont Street casinos in Las Vegas endured a cyberattack.
Even legal online casino gambling sites endure cyberattacks. In November 2022, BetMGM, DraftKings, FanDuel, and WSOP were hacked at various times in late 2022.
Law Enforcement Is on the Case
Members of the US Federal Bureau of Investigation (FBI) are looking into what’s happening to MGM.
In a recent investigation involving unregulated cryptocasino Stake, the FBI found North Korean hackers calling themselves the Lazarus Group stole $41 million from the gray site.
Meanwhile, the US Department of State’s Bureau of International Narcotics and Law Enforcement Affairs (INL) tweeted on Aug. 30:
As negotiations for a new UN cybercrime treaty are underway in New York this week, the United States continues its work to combat cybercriminals!
The INL post contained an FBI tweet from Aug. 29:
Today, #FBI Director Christopher Wray announced a Bureau-led operation that crippled a long-running botnet. Just in the past year, this botnet infected approximately 700,000 computers.
As the INL post mentions, from Aug. 21 to Sept. 1, the US led the discussion at the United Nations (UN) for an international cybercrime agreement. The US is trying to “seek consensus on the adoption of a narrowly focused criminal justice instrument that advances international cooperation to fight cybercrime.”