FTC Pressure on MGM Resorts over Cyberattack Intensifies

The legal battle between the Federal Trade Commission (FTC) and MGM Resorts International over a massive cyberattack in September 2023 is intensifying. The federal regulator has stepped up its request for information in an attempt to compel the casino giant to turn over sensitive information.

The MGM Grand resort in Las Vegas (Source: CoStar)

Listen to this news articleLISTEN TO THIS ARTICLE:

In April, MGM filed a lawsuit against the FTC in an attempt to block a probe into the incident that crippled the company's computer systems. Now, the FTC has fired back with a petition filed in U.S. District Court, seeking an order to compel MGM to cooperate with its investigation.

The September 2023 cyberattack on MGM Resorts was a significant event, causing widespread disruption at the company's Las Vegas Strip properties. Slot machines went offline, hotel keycard systems malfunctioned, and customer data may have been compromised. The attack reportedly cost MGM $100 million in lost earnings and led to a public apology from the company's CEO.

In the aftermath of the attack, the FTC launched an investigation into MGM's cybersecurity practices. The FTC wants to determine whether MGM took adequate steps to protect its customers' personal information and ensure the security of its systems. However, MGM has resisted cooperating with the investigation, leading to the current legal battle.

MGM's lawsuit against the FTC hinges on two arguments. Firstly, it claims that the FTC does not have jurisdiction over the investigation because MGM is not a financial institution. The FTC, however, argues that MGM's collection of customer data falls under its purview of protecting consumers from unfair and deceptive business practices.

Secondly, MGM's lawsuit targets FTC Chair Lina Khan, requesting her recusal from the case. MGM alleges bias on Khan's part due to her past history of advocating for stricter regulations on large corporations. The FTC has not publicly commented on this specific aspect of MGM's lawsuit.

More Business News

FTC Looks for Greater Control

The FTC's counter-petition seeks to compel MGM to comply with its Civil Investigative Demand (CID). A CID is a legal tool used by the FTC to gather information during investigations. By filing a petition with the court, the FTC is essentially asking a judge to order MGM to produce the requested documents and information related to the cyberattack.

The outcome of this legal battle will have significant implications. If the FTC prevails, it will be able to continue its investigation into MGM's cybersecurity practices. This could lead to potential fines or other penalties for MGM if the FTC finds evidence of wrongdoing. Additionally, the FTC's findings could influence broader regulations for data security in the gambling industry.

On the other hand, if MGM wins the case, it would set a precedent for companies to potentially challenge the FTC's authority in data security investigations. This could make it more difficult for the FTC to enforce consumer protection laws in the digital age.

However, it could be a while before any changes come. The case is likely to extend for months, possibly years, before a resolution is reached.


Leave a Comment

user avatar
My Name United States of America
Your Comment

User Comments

Comments for FTC Pressure on MGM Resorts over Cyberattack Intensifies