A phone call to helpdesk was likely all it took to hack MGM


Bellagio fountain
Enlarge / Gamblers and hotel guests at MGM casinos on the Las Vegas Strip, including the Bellagio, were affected by the security breach.
Ethan Miller/Getty Images

reader comments
78 with

A cyber criminal gang proficient in impersonation and malware has been identified as the likely culprit for an attack that paralized networks at US casino operator MGM Resorts International.

The group, which security researchers call “Scattered Spider,” uses fraudulent phone calls to employees and help desks to “phish” for login credentials. It has targeted MGM and dozens of other Western companies with the aim of extracting ransom payments, according to two people familiar with the situation.

The operator of hotel casinos on the Las Vegas Strip, including the Bellagio, Aria, Cosmopolitan, and Excalibur, preemptively shut down large parts of its internal networks after discovering the breach on Sunday, one of the people said.

The effort to contain the hackers caused chaos. Slot machines stopped working, electronic transfers of winnings slowed down, and key cards for thousands of hotel rooms no longer functioned. MGM did not respond to a request for comment.

The FBI said it was investigating, and the Nevada Gaming Control Board was informed of the breach’s impact, with the state’s governor, Joe Lombardo, coordinating with local and national law enforcement, the board said in a statement.

© 2023 The Financial Times Ltd. All rights reserved. Not to be redistributed, copied, or modified in any way.

Article Tags:
Article Categories:
Technology