MGM Resorts has resumed normal operations in all its hotels and casinos following a cyberattack that disrupted its systems.

(Photo : Win McNamee/Getty Images)
LAS VEGAS, NEVADA - FEBRUARY 20: The MGM Grand Hotel and Casino is seen February 20, 2020 in Las Vegas, Nevada. MGM Resorts has acknowledged that personal information related to more than 10 million guests was published on a well known hacking forum earlier this week.

MGM Resorts Restoring Operations

MGM Resorts has restored all its hotels and casinos to normal operation after a cyberattack disrupted their systems 10 days ago. Although the systems are back online, MGM Rewards accounts will see updates at a later time, and promotional offers may still be unavailable.

Engadget reported that this marks the company's most extensive system-wide recovery since the incident on September 11, when the company saw its websites go offline, slot machines malfunction, and some transactions restricted to cash only.

The ALPHV ransomware group claimed responsibility for the attack shortly after systems went offline, attributing it to social engineering tactics used to gain access to systems. These kinds of groups often demand a ransom in exchange for access or information.

Specifics regarding the scope of the MGM breach, including the nature of the compromised information and the financial implications for the company, were not immediately disclosed.

Gregory Moody, who serves as the director of the cybersecurity program at the University of Nevada, Las Vegas, drew attention to estimated figures suggesting that the computer shutdown might have incurred daily costs of up to $8 million for MGM Resorts.

According to the Associated Press, this calculation could amount to a cumulative impact of $80 million. However, Moody also emphasized that MGM Resorts boasts annual revenues exceeding $14 billion, implying an average weekly revenue of at least $270 million.

Caesars Entertainment, a competing casino operator, informed federal regulators that it also fell victim to a cyberattack on September 7.

While the attack did not disrupt its casino and online operations, the company expressed concerns regarding the potential compromise of personal information belonging to tens of millions of customers.

This sensitive data includes driver's licenses and Social Security numbers of loyalty rewards members, raising significant security and privacy concerns.

Hailing from Reno, Caesars reportedly made a substantial payment of $15 million, half of the $30 million ransom demanded by a group known as Scattered Spider. This payment was made in exchange for assurances of data security.

Read Also: Online Live Casino Now Faces Demand; Here's a Warning Though

Facing Cybersecurity Challenge

MGM Resorts, a prominent hotel and casino company, has previously taken the step to shut down a number of its systems in response to an apparent cybersecurity issue, with the company issuing an official statement shortly before noon ET to address the situation.

In response to the website disruption, MGM Resorts temporarily replaced its homepage with an apology message, along with a compilation of concierge phone numbers for various locations. These locations included Aria, The Cosmopolitan, Mandalay Bay, Bellagio, New York-New York, and Vdara. 

The incident has had repercussions across MGM's properties. It encompasses not only those in Las Vegas but also regional resorts like MGM Springfield in Massachusetts, MGM National Harbor, and the Empire City Casino in New York. 

Related Article: MGM Resorts Faces Cybersecurity Challenge, Shutting Down Systems at Multiple Locations