MGM Resorts International has initiated legal action against the U.S. Federal Trade Commission (FTC) to halt an investigation into a significant data breach that occurred last year. Filed in federal court in Washington, MGM’s lawsuit aims to challenge the FTC’s authority to demand information, arguing that the company, not being a financial institution, should not be subject to regulations governing consumer financial data. Furthermore, MGM contends that FTC Commissioner Lina Khan’s reported presence at an MGM hotel during the hack raises concerns about her potential bias in the matter and calls for her recusal.
The lawsuit sheds light on MGM’s efforts to resist regulatory scrutiny following the cyber incident, which the company claims resulted in substantial damages. With millions of dollars in disclosed losses and facing multiple consumer class actions, MGM is aggressively contesting the FTC’s jurisdiction and Commissioner Khan’s involvement in the investigation. While the FTC declined to comment on the lawsuit, MGM’s legal challenge underscores the complexities surrounding data security regulation and the contentious nature of investigations into high-profile cyber breaches.
Amid mounting legal battles and regulatory scrutiny, MGM’s lawsuit against the FTC underscores the broader implications of cybersecurity incidents for companies operating in highly regulated industries. The clash between MGM and the FTC highlights the challenges companies face in navigating regulatory frameworks and defending against potential enforcement actions in the aftermath of data breaches. As the legal proceedings unfold, stakeholders are closely watching the outcome, which could set important precedents for data security regulation and enforcement in the digital age.
