MGM Resorts’ websites remain down Tuesday (Sept. 12), two days after the beginning of a cyberattack targeting the hotel and gaming company.
The firm, which is the largest casino operator on the Las Vegas Strip, is grappling with a cyberattack that has caused its websites, including its reservations platform, to remain inaccessible, Bloomberg reported Tuesday. The breach, which began Sunday (Sept. 10), prompted the company to take immediate action to safeguard its systems and data by shutting down certain operations.
The attack has affected properties across the company, resulting in the offline status of some slot machines and staff resorting to manual operation, according to the report.
MGM Resorts notified law enforcement and initiated an investigation with the assistance of external cybersecurity experts, the report said. The company has also reassured the public that its casino gaming floors remain operational and is actively working to resolve the ongoing outages.
The company announced the cybersecurity issue in a Monday post on X, formerly Twitter. In another post later that day, MGM Resorts said: “As an update to our previous statement, our resorts, including dining, entertainment and gaming, are currently operational and continue to deliver the experiences for which MGM is known. Our guests remain able to access their hotel rooms, and our front desk staff is ready to assist our guests as needed. We appreciate your patience.”
— MGM Resorts (@MGMResortsIntl) September 12, 2023
The cybersecurity issue appears to have affected all of MGM Resorts’ Las Vegas properties, as well as MGM’s properties outside of Las Vegas, with websites for regional resorts being offline.
The cyberattack underscores the growing threats faced by both physical and online casinos, according to the Bloomberg report. In response to the increasing number of hacking incidents in the industry, the Nevada Gaming Commission has introduced new cybersecurity regulations. These regulations require casinos to assess hacking risks and fortify their information systems. Additionally, any cyberattacks must be reported to the Nevada Gaming Control Board within 72 hours of discovery.
This incident follows MGM Resorts’ data breach in July 2019, which compromised the personal information of approximately 10.6 million customers.
Following the launch of the current cyberattack, shares of MGM Resorts fell less than 1% Tuesday afternoon, per the report.