Within a matter of weeks, the US Casino industry has witnessed two highly disruptive cyberattacks on its stalwarts Caesars Entertainment and MGM Resorts.
Caesars paid a ransom of $15 million to a cybercrime group that managed to steal social security number and licence information from several of its customers from the company's database.
Initially, the cybercrime group demanded a $30 million ransom from Caesars, but the company ultimately negotiated it down to half that amount, reported CNBC.
Meanwhile, MGM continues to battle a widespread outage after a cyberattack forced it to shut down systems across its properties.
Furthermore, the sources have also confirmed to CNBC that a similar ransom demand has been made to MGM as well.
The group responsible for the attacks, identified as UNC3944, has been reported by Bloomberg to be behind the attacks on both companies.
Caesars Entertainment was targeted earlier this month by the same hackers that compromised MGM’s systems. The only difference is Caesars paid $15 million in ransom to be left alone. pic.twitter.com/eZSXUCBRri— Las Vegas Issues (@VegasIssues) September 14, 2023
MGM outage continues
At MGM, the outage has now rolled into its fifth day, with the company saying in an update on Thursday that the company was working to “resolve our cybersecurity issue".
MGM had shut down large parts of its internal networks to mitigate the attack on Sunday.
This resulted in widespread disruption across the company’s hotels and casinos, with guests reporting that ATMs and slot machines were out of order, along with room digital key cards and electronic payment systems.
Guests continue to report issues across MGM properties, despite the company claiming earlier in the week that its resorts, including dining, entertainment and gaming, are “currently operational.”
Late reporting from Caesars
According to an 8-K filing with the U.S. Securities and Exchange Commission, "Caesars does not anticipate the ransom payment or fallout will have a material effect on the company’s bottom line".
While Caesars reported its incident through a U.S. Securities and Exchange Commission (SEC) filing, questions arise as to why the company delayed the submission of its 8-K report disclosing the ransom and cyberattack.
pic.twitter.com/jTIDHmAaqN— MGM Resorts (@MGMResortsIntl) September 14, 2023
SEC regulations require companies to file such reports within four days of a material event occurring.
This incident comes as the SEC prepares to introduce a new cybersecurity disclosure rule by the end of the year, which will mandate companies to disclose the nature and impact of cyberattacks on their business.