Five days later a cyber attack crippled operations of MGM Resorts International, including its signature Las Vegas properties, the Bellagio and the MGM Grand, the company said Thursday morning that it is still working to resolve the issues as another major resort operation, Caesars Entertainment, he acknowledged that he was also the target of a cyber attack. .
Hackers hit MGM Resorts on Sunday morning, rendering the doors of the chain’s casinos and hotels unusable. Slot machines and ATMs were also inoperable, elevators were out of service and customers had to wait hours to check into rooms. Even the company’s website remains down.
“We continue to work diligently to resolve our cybersecurity issues while promptly addressing individual guest needs,” MGM Resorts said in a statement Thursday. “We couldn’t do it without the thousands of amazing employees who are committed to serving and supporting our loyal customers. Thank you for your continued patience.”
But for MGM Resorts Las Vegas visitors like Walter Haywood, patience is running out.
“It was a little chaotic,” Haywood told ABC affiliate station Las Vegas KTNV. “The machines wouldn’t take our ticket. Lines everywhere. Just chaos.”
MGM Resorts has acknowledged the attack, but has not disclosed how it happened or who might be responsible.
The company said it “took swift action to protect our system and data, including shutting down certain systems.”
The FBI said it is investigating the attack and has been in contact with the chain since Sunday.
The Cybersecurity and Infrastructure Security Agency, part of the U.S. Department of Homeland Security, announced Thursday that it is in contact with MGM Resorts “to understand the impacts of its recent cyber incident.”
“We also provide any necessary assistance should the organization require or request it,” CISA said in a statement.
Nevada Gov. Joe Lombardo and the Nevada Gaming Board released a joint statement, saying they are “monitoring the cybersecurity incident with MGM Resorts and are in communication with company executives.”
“Additionally, the Nevada Gaming Control Board remains in communication with other law enforcement agencies,” the statement from Lombardo and the gaming board said.
VX-Underground — a research group with the largest collection of malware source code, samples, and articles on the Internet — published in X that the ransomware group “ALPHV,” also known as Black Cat, is allegedly behind the MGM cyberattack. Authorities have not confirmed the report.
“All the ALPHV ransomware group did to compromise MGM Resorts was jump on LinkedIn, find an employee, and then call help desk. A company valued at $33,900,000,000 was taken down by a 10-minute conversation,” said VX-Underground.
Bloomberg news reported Wednesday that the same ransomware group is responsible for a cyberattack this month on Caesars Entertainment Inc. and that the company paid “millions” to recover their data.
Caesars Entertainment, which operates more than 50 resorts, including Caesars Palace and Harrah’s in Las Vegas, acknowledged the attack took place on September 7. in a presentation on Thursday with the US Securities and Exchange Commission.
“Caesars Entertainment Inc. recently identified suspicious activity on its information technology network as a result of a social engineering attack on an outsourced IT support provider used by the company,” Caesars said in its SEC form 8-K.
While the company said it did not pay a ransom, it noted that “we have incurred and may continue to incur certain costs related to this attack, including costs to respond to, correct and investigate this matter. The full scope of costs and the related impacts of this incident, including the extent to which these costs will be offset against our cybersecurity insurance or potential indemnification claims against third parties, has not been determined.”
Caesars Entertainment, according to the filing, said its investigation determined hackers acquired a copy of its loyalty program database, which includes driver’s license numbers and Social Security numbers “for a significant number of database members.”
Caesars added: “We have taken steps to ensure that the stolen data is removed by the unauthorized actor, although we cannot guarantee that outcome.”
ABC News’ Luke Barr contributed to this report.