MGM, Caesars Hackers Make Bold Claim About Attack

Listen to this news articleLISTEN TO THIS ARTICLE:

More information is coming to light regarding the recent cyberattacks MGM Resorts International and Caesars Entertainment suffered, and it doesn't bode well. On Thursday, Scattered Spider, a notorious hacking collective, claimed to have successfully infiltrated the networks of the casino operators and extracted six terabytes worth of data. This data breach prompted both companies to initiate comprehensive investigations into the incident.

Customer Data in the Wild

In a recent exchange on the messaging platform Telegram, a representative from Scattered Spider informed Reuters that the group's intentions were not to release the data to the public. Furthermore, they avoided disclosing whether they were seeking a ransom from the company.

An anonymous source familiar with cybersecurity matters shared Reuters' contact information with the group as the individual oversees the malware's cybersecurity under the name vx-underground. However, this expert opted to remain anonymous. No replies were received from Caesars and MGM regarding inquiries about the magnitude of data breaches.

On Thursday, Caesars made a disclosure to regulators regarding an incident that occurred on September 7. During this, an extensive amount of data pertaining to loyalty program members was compromised by hackers. The stolen information included personal details such as driver's license numbers and possibly social security numbers.

Earlier reports from Bloomberg and the Wall Street Journal mentioned that Caesars had indeed made a ransom payment. However, the company has refused to confirm the statement, despite multiple insiders attesting to the claim's veracity. Some have suggested it paid at least $15 million to the hackers.

Scattered Spider Leaves Its Mark

According to Google's Mandiant Intelligence, UNC3944 or Scattered Spider holds a distinguished position among the premier cyber-espionage organizations in the US. In the last year, numerous security experts have consistently highlighted this particular group due to its highly efficient methods of social engagement. This group has gained attention by adopting a strategy where they reach out to a company's information security team via phone call, masquerading as a user in urgent need of password reset assistance.

According to Marc Bleicher, a security analyst with a background in legal audits, individuals usually gather a significant amount of information prior to reaching out to the help desk. This stage is referred to as the final step.

In the last couple of years, a multitude of incidents involving Scattered Spider has been traced back by Mandiant. Companies across diverse sectors like gaming, technology, retail, media, and insurance have fallen victim to over 100 breaches. Charles Carmakal, the Chief Technical Officer at Mandiant, has been actively investigating these cases.

Carmakal mentioned that the organization seems to be scattered across multiple countries in the west. The breach was attributed to a social engineering attack on an IT vendor affiliated with Caesars, with no details provided about the financial repercussions.

MGM, which has casinos and hotels worldwide, is still grappling with service disruptions even after four days since the hacking incident was disclosed. In Las Vegas, a video surfaced on various social media platforms capturing the moment when a slot machine encountered a technical glitch, prompting an error message to be displayed. Other videos have shown huge lines of guests trying to check in or out of MGM properties.

More Business News


Leave a Comment

user avatar
My Name United States of America
Your Comment

User Comments

Comments for MGM, Caesars Hackers Make Bold Claim About Attack