The impact and lessons of the MGM cyber-attack

MGM serves as a reminder that the risks, and potential impact, are very real and require all business be proactive in their preparation and potential response.

The impact and lessons of the MGM cyber-attack

BY Dan Levy |September 15, 2023|BLOG

News this week has been dominated by the story of over a dozen MGM Hotels & Casinos that have had to shut down operations after a cyberattack against their computer systems.  First announced on Sunday, systems at a dozen MGM properties were suddenly inoperable, paralyzed by a breach stemming from a highly targeted phishing attack.

Despite assurances from MGM Resorts International that daily operations had resumed, guests of the resort continued to report the opposite, posting photos online of offline slot machines.

As reported in USA Today, to contain the incident, MGM Resorts International began working with external cybersecurity experts to remediate and contain the breach.

Not long after the attack, VX Underground, a not-for-profit group that establishes contact with cyber-crime groups and documents patterns and activity, reported the incident to be caused by a threat group named AlphV BlackCat, infamous for many high-profile attacks – including those against Suffolk County, NY in 2022.

The FBI has been made aware of the incident, but characterized the event as ongoing, according to The Associated Press. 

Businesses of all sizes that deal with sensitive data are targets of cyber criminals and must implement cybersecurity services to help mitigate risks.  This well-publicized event serves as a reminder of the importance of being prepared for a potential cybersecurity incident at any time. 

Your business needs a proper information security plan to handle cybersecurity threats now and in the future. Creating a plan and revisiting it annually is recommended.  Example cybersecurity measures your business must implement includes: 

  • Installing Enterprise-Grade Firewalls 
  • Maintaining a Robust Backup and Disaster Recovery Solution 
  • Using Multi-Factor Authentication 
  • Securing Passwords with a Password Management System 
  • Restricting Access to Sensitive Data 
  • Creating and Maintaining Security Policies and Procedures 
  • Providing Cybersecurity Awareness Training to all Employees 
  • Seeking Professional Assistance 

Ramp up your cybersecurity posture and protect sensitive data. Sourcepass can help.

Dan Levy is the Sourcepass Security Engineering Lead. Reach out to Dan at (877) 678-8080. 

Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Not readable? Change text. captcha txt
Sourcepass Launches Western Massachusetts Regional Division, Appoints Vice PresidentAI