Las Vegas, NV - MGM Resorts International, the $14 billion global gaming giant, experienced a system shutdown this week. Sources have identified the hacking group Scattered Spider as the perpetrators behind this attack. This comes as US law enforcement, including the FBI, commences its probe into the security breach.

For three consecutive days, MGM's systems remained inoperable. The company had shut down several systems on Monday to contain a "cybersecurity issue." The renowned gaming company, boasting over 30 hotel and gaming venues worldwide, including significant establishments in Macau and Las Vegas, confirmed that they were actively investigating the incident.

This alarming event follows closely on the heels of another recent cyber attack, as reported by Bloomberg. Another leading casino operator, Caesars Entertainment, faced a breach, paying ransom to hackers who threatened to release its data.

A Personal Note from MGM Resorts International CEO Bill Hornbuckle

Dear Valued Guests and Dedicated Employees,

I want to take a moment to personally express my deepest gratitude to all of you during this challenging time. As the CEO of MGM Resorts International, I feel a profound sense of responsibility to our guests and employees, and I want to assure you that your well-being is at the forefront of our minds.

First and foremost, I want to thank our guests for your incredible kindness and patience this week as we've navigated through a cybersecurity issue. Providing exceptional service to you is at the very core of our identity as a company, and your understanding and support mean the world to us. Please know that we are tirelessly working to resolve this issue, and we are bolstering our staffing levels across all our properties to ensure that your individual needs are addressed as swiftly as possible. Your patience and the kindness you've shown to our dedicated employees have not gone unnoticed, and we are truly grateful.

Speaking of our tens of thousands of employees, I want to extend my heartfelt appreciation to each and every one of you. Your unwavering dedication, resourcefulness, and the positivity you bring to your work every day, especially in these challenging times, are nothing short of remarkable. You are the backbone of our company, and I hold the utmost respect and gratitude for all that you do, day in and day out.

At MGM Resorts International, we are committed to overcoming this cybersecurity challenge and emerging from it stronger than ever. We understand the importance of your trust in us, and we are working tirelessly to ensure the security of your information and the uninterrupted enjoyment of our services.

Thank you for standing by us, for your understanding, and for your continued support. Together, we will overcome this obstacle and continue to provide the exceptional experiences that define MGM Resorts International.

With deepest gratitude and respect,

Bill Hornbuckle

CEO of MGM Resorts International

Both MGM and Caesars Entertainment saw their shares decline on Wednesday.

Social media was rife with reports of non-operational slot machines and system failures at MGM's Las Vegas venues. Sources have revealed to Reuters that the hacking group, Scattered Spider, is behind these attacks. This group was previously identified by analysts last year and is notorious for using social engineering tactics to manipulate users into surrendering their login credentials or OTP codes, a method that can bypass multi-factor authentication. A statement by the security firm Crowdstrike earlier in January highlighted the group's modus operandi.

Charles Carmakal, the Chief Technology Officer at Alphabet Inc's Mandiant Intelligence, voiced concerns over the group's activities on LinkedIn. He identified Scattered Spider as one of the most aggressive threat actors currently affecting organizations in the US. Despite the group's members appearing less experienced compared to other established cybercrime groups, their threat to major US organizations remains significant.

Renowned by its other name, UNC3944, Scattered Spider has previously targeted telecom and business process outsourcing companies. More recent analyst reports suggest that their focus has shifted towards critical infrastructure organizations.

Allan Liska, an intelligence analyst at security firm Recorded Future, emphasized the vulnerability of casinos to such cybercrimes. Their operational reliance on technology and potential financial losses during operational disruptions make them lucrative targets.

Moody's, the rating agency, expressed concerns, indicating that this breach might negatively affect MGM's credit rating. Such attacks have been linked to typical ransomware incidents, where extortionists demand ransoms after encrypting victims' computer systems.

With the increasing spotlight on such incidents, casinos worldwide are advised to remain on high alert. As Liska pointed out, ransomware groups thrive on attention, suggesting that more copycat incidents might follow.

In a report, Moody's highlighted the vulnerability of businesses like MGM due to their heavy dependence on technology, emphasizing the operational disruption when systems are rendered inoperative.

Despite multiple attempts to reach out, MGM and the US cybersecurity watchdog agency CISA have yet to return comments on the incident. The official MGM Resorts website remains inaccessible, with a holding message indicating its current unavailability.

MGM, on a post on social media website X, shared, "Our investigation is ongoing, and we are working diligently to determine the nature and scope of the matter."

This situation underscores the pressing need for strengthened cybersecurity measures in industries that heavily rely on technology, particularly as cyber threats grow more sophisticated and aggressive.