The MGM cashier’s 9-figure mega bill after the cyber attack
After the cyber attack, the big bill for the casino and hotel operator MGM Resorts international. This iconic Las Vegas company, which has a turnover of $13 billion, has just been shaken up by a major computer hacking. It now estimates the cost of the damage at $ 100 million, a sum mentioned in a document sent to the Securities and Exchange Commission (SEC), the watchdog of the American stock exchange.
MGM Resorts also states that it had to incur $10 million during the crisis for technology consulting, legal fees and other expenses that could be partially covered by its insurance. But, specifies the Wall Street Journal, the company would not have paid a ransom. Unlike another company in the sector, Caesars, also victim of a computer attack a few days before, which paid $ 15 million, according to CNBC.
Customer data theft
As MGM Resorts then explained to its customers, the computer intrusion ultimately ended in the theft of customers’ personal information, as well as social security numbers and passports to the unspecified number. On September 11th, the company had to shut down its IT after discovering a serious security problem, thus blocking access to rooms closed with a digital key or preventing reservations.
Customers had also complained on social networks that they could no longer play certain slot machines, switched to “manual mode” in several of the group’s casinos in the United States. ”We reacted quickly to mitigate the risks,” assured Bill Hornbuckle, the CEO of the company, a way he assures to prevent the theft of banking information.
Scattered Spider
According to Vx-Underground security researchers, the hackers managed to break into the company’s IT system using a social engineering technique, by calling the company’s IT hotline after visibly posing as one of the employees.
This high-flying computer hacking, with the false air of Ocean’s Eleven, was finally linked by the Reuters news agency and the Financial Times to the Scattered Spider group of cybercriminals. The latter would have relied on the infrastructure of the Alphv/BlackCat ransomware franchise.
Also known as Roasted 0ktapus and UNC3944, the members of Scattered Spider are specialists in phishing attacks and Sim-Swapping, two social engineering techniques. They are “incredibly effective”, warned Charles Carmakal, the technological director of Mandiant. “Although the members of this group may be less experienced and younger than most extortion groups, they pose a serious threat to large organizations in the United States,” he added.