BetMGM investigating data breach as customer information is leaked
Customer records at MGM Resorts International and Entain joint venture brand BetMGM have been accessed “in an unauthorised manner.”
The data breach affected personal information of some BetMGM customers such as name, contact information, date of birth, account identifiers and information related to transactions made with the operator.
BetMGM promptly launched an investigation, it said, and has been working with leading security experts to determine the nature and scope of the issue.
The firm was made aware of the matter in November and believes the data breach took place as far back as May this year.
It added that it currently has no evidence that patrons’ passwords or account funds were accessed in connection with the breach, and that the firm’s online operations were not compromised.
The business “is coordinating with law enforcement and taking steps to further enhance its security,” it said.
BetMGM CEO Adam Greenblatt: “The security of our platform and our patrons’ data is a top priority for BetMGM. We regret any inconvenience this may cause.”
“We are taking this matter very seriously and are working quickly to investigate it,” said BetMGM CEO Adam Greenblatt.
“The security of our platform and our patrons’ data is a top priority for BetMGM. We regret any inconvenience this may cause.”
In response to the breach, BetMGM recommended that customers remain alert for any suspicious activity or unsolicited communications regarding their personal information.
It has also arranged to offer affected customers credit monitoring and identity restoration services for two years, at no cost to them.
Earlier this week, it was revealed that major US operator DraftKings had also suffered a data breach which exposed the personal information of almost 68,000 customers following a credential attack in November.
That kind of attack sees automated tools used to make a massive number of attempts to sign into accounts using customer credentials stolen from other online services.
Hackers use the tactic to take over as many accounts as possible and steal personal and financial information which can then be resold for a profit.
After discovering the attack, DraftKings reset the passwords of affected accounts and said it had implemented additional fraud alerts. Further, some $300,000 identified as stolen from customer accounts during the incident was refunded to the affected customers.