MGM Resorts International, a major player in the hospitality, gaming, and entertainment industry, revealed a significant “cybersecurity issue” that has the potential to affect its operations across the United States. The company reported that certain websites were inaccessible, prompting them to advise customers to make reservations and bookings via telephone.
The exact extent and impact of this issue on MGM’s reservation systems and casino floors in key locations like Las Vegas, Maryland, Massachusetts, Michigan, Mississippi, New Jersey, New York, and Ohio remained uncertain, according to spokesperson Brian Ahern. While the company’s gaming floors remained operational, MGM was actively working to address the ongoing problem.
To address the cybersecurity issue, MGM Resorts took several measures, including temporarily shutting down certain systems to safeguard data and launching an internal investigation with the assistance of external cybersecurity experts.
Law enforcement agencies, such as the FBI and the Nevada Gaming Control Board, were notified of the incident. The situation comes at a time when the gaming industry has been enhancing its cybersecurity measures, with Nevada’s gaming board introducing stricter regulations, including a three-day window to report online system breaches.
The Securities and Exchange Commission also adopted a similar rule, requiring large publicly traded companies to report significant breaches within four business days, effective later in the year.
This incident underscores the vulnerability of major hospitality and entertainment conglomerates to cyber threats and the potential disruptions they can cause. MGM Resorts, known for its iconic properties like the Bellagio and Mandalay Bay, has had to grapple with the cybersecurity issue’s repercussions, affecting its online presence and customer interactions.
It highlights the need for robust cybersecurity measures, prompt reporting of incidents, and collaboration with external experts to protect sensitive data and maintain operational integrity in the face of evolving digital threats.