The hacker group Scattered Spider – believed to be a part of the ALPHV Ransomware Collective – has claimed responsibility for a security breach at MGM Resorts International.
Scattered Spider reportedly revealed the details of MGM’s hack in an unverified statement posted on ALPHV’s darknet leak website.
The group threatened more destruction if MGM failed to pay their demands. The group also detailed their attempts to reach MGM’s senior leadership. According to the hackers, they could contact MGM if desired.
Hacker group: “We continue to have some access to MGM’s Infrastructure.” If a deal cannot be reached, we will carry out further attacks.
We continue to wait until MGM grows up and reaches out, as they have demonstrated clearly that they know how to reach us.
Scattered Spider reported that MGM shut down large portions of its IT infrastructure and servers on 10 September, after discovering a group trying to discover passwords.
The group then launched a wide range of ransomware attacks against MGM’s remaining IT infrastructure.
MGM issued a press release on Monday informing the public of the breach. MGM said that it was working with cybersecurity experts from outside to resolve the problem. FBI also is reportedly investigating the incident.
MGM refuses ransom
If this statement is true, MGM’s refusal of paying the ransom contrasts with one of its largest competitors on the Las Vegas Strip.
The Wall Street Journal cites unnamed sources that claim Ceasars Entertainment has paid $15m to a group for threatening to leak sensitive customer data.
The group had originally requested $30m. This figure is reportedly only half that amount.
Caesars confirmed yesterday the security breach. In a SEC filing, it explained how hackers gained access to the loyalty program database. The database includes driving licence numbers, social security numbers and other customer information.
Continued disruptions at MGM
MGM has not confirmed which IT systems were affected. Social media reports claimed that thousands of hotel rooms were not working and that slot machines had frozen.
Scattered Spider reportedly gained access to MGM’s system using “phishing” methods, including phone calls in order to obtain login details.