Cybersecurity incident triggers major outages at MGM hotels and casinos
It affected reservation systems, booking systems, electronic key card systems for hotels, and even the functioning of gaming machines on casino floors.
Furthermore, the company’s email systems were also affected by the cybersecurity issue and remain offline at present.
“Promptly after detecting the issue, we quickly began an investigation with assistance from leading external cybersecurity experts,” MGM said in a statement.
“We also notified law enforcement and took prompt action to protect our systems and data, including shutting down certain systems.
“Our investigation is ongoing, and we are working diligently to determine the nature and scope of the matter,” the company added.
As of Monday evening, the casino floors were brought back online.
MGM Resorts also highlighted that it has “multiple processes in place” that allow it to operate and serve its guests manually during times of computer system disruption.
While initially guests were not able to access their rooms, MGM stressed that guests can check into and out of the hotels through the front desk, as well as gain access to their rooms using a physical key if their digital key is inoperative.
MGM’s website has been replaced by a landing page advising that guests to contact their hotels or casinos directly via phone.
MGM Resorts International operates a portfolio that includes renowned properties such as Aria, Bellagio, Cosmopolitan, Excalibur, Luxor, Mandalay Bay, MGM Grand Las Vegas, and New York-New York.
The company marked a significant milestone in Q2 2023 by achieving an unprecedented consolidated net revenue record.
The US-based casino behemoth reported a consolidated net revenue of $3.9bn, representing a 21% increase compared to the previous year.
The revenue generated from their Las Vegas hotel rooms surpassed that directly attributed to their casino operations.
Specifically, the company reported Las Vegas rooms revenue of $706.7m in Q2 2023, whereas casino revenue for the same period amounted to $492.2m.
Operations at BetMGM, the group’s online gambling joint venture with Entain, do not appear to be affected.
Just last week, Stake had to halt all deposit and withdrawal services after cybercriminals managed to steal cryptocurrency valued at $41.3m.
A group of cyber criminals operating from the Democratic People’s Republic of Korea (North Korea) called Lazarus Group was behind the attack, according to the FBI.
While the exact cause of MGM’s cybersecurity incident remains unknown, the company’s shares lost some 2% in value after the announcement of the incident.