MGM Resorts outage continues as FBI launches investigation

2 weeks ago

A cyberattack attributed to hacker group Scattered Spider has caused an outage crossed MGM Resorts International’s machine systems, affecting immoderate casino and edifice machine systems including nan company’s website.

An correction connection connected nan website reads: “The MGM Resorts website is presently unavailable. We apologize for nan inconvenience.” Users are alternatively directed to mobile applications and third-party services to entree definite parts of nan company’s offerings.

The “cybersecurity issue,” which has been ongoing since September 11, remains nether investigation pinch moreover nan FBI stepping in.

Major MGM outage being investigated

The FBI confirmed connected September 13 that it had started investigating nan incident (via Reuters), while MGM posted to X earlier this week: “Our investigation is ongoing and we are moving diligently to find nan quality and scope of nan matter.”

MGM’s website is presently directing edifice customers to make reservations via its app, and for resident artist, accumulation show, aliases attraction bookings to beryllium made via Ticketmaster. Customers seeking UFC, Las Vegas Aces, Vegas Golden Knights, and Arena-based performance events are being told to usage AXS.

Mandiant Intelligence’s CTO, Charles Carmakal, said connected LinkedIn astir nan group, besides known arsenic UNC3944, calling it “one of nan astir prevalent and fierce threat actors impacting organizations successful nan United States today.”

Carmakal said nan cybersecurity institution would people much specifications astir nan group soon.

In nan meantime, Reuters referred to a erstwhile Crowdstrike blog station offering penetration into nan group’s activity: “Identified by analysts past year, this group uses societal engineering to lure users into giving up their login credentials aliases one-time-password (OTP) codes to bypass multi-factor authentication.”

More broadly, a Bloomberg study citing 4 group acquainted pinch nan matter stated that nan aforesaid group was responsible for a Caesars Entertainment Inc. breach conscionable a fewer weeks ago. Another article suggests that Caesars paid “tens of millions” to nan hackers responsible and has plans to “disclose nan cyberattack successful a regulatory filing imminently.”