Law

Casino hacking was on the minds of Nevada regulators in 2022

Review Journal
 
Casino hacking was on the minds of Nevada regulators in 2022
Super Slots

It was almost as if Nevada regulators anticipated cyber trouble back in December when they approved revisions to Regulation 5 that call for plans to address cyberattacks on casino companies.

Nevada licensees have until Dec. 31 to deliver risk assessments of their business operations and develop cybersecurity best practices.

But in late August, hacker gangs identifying themselves as Scattered Spider and ALPHV broke into computer systems of Caesars Entertainment Inc. and on Sept. 10 into systems of MGM Resorts International.

While Caesars reportedly paid a multimillion-dollar ransomware demand and didn’t lose an operational beat, MGM didn’t, and the company endured nine days of operational chaos as multiple computer systems went down, costing the company millions.

The company’s website and hotel room booking engines were struck, the MGM app used by customers to enter their hotel rooms was offline. Restaurant and attraction reservation systems failed. The company, fearing worse damage to their systems, shut down networked slot machines and instead had to pay slot machine winners manually instead of through a machine’s ticket in-ticket out system that produces vouchers that could be redeemed for cash or inserted into other machines.

The 10 MGM resorts in Las Vegas and its other resorts across the United States were unable to process credit card transactions, in-casino ATMs were off line and their paid parking access was compromised. Company email also was offline.

Customers who have written emails and called the Review-Journal say they fear their personal data might have been exposed.

Lawsuits filed

Consumers already have begun paying attention, filing class-action lawsuits — against MGM and Caesars — in U.S. District Court in Las Vegas.

Casino customers in Illinois, Colorado, Mississippi and Louisiana filed the lawsuits seeking unspecified damages. Neither company commented on the lawsuits.

In the days since the attack began, the company has reported a gradual return to normal business. On Monday, the company said websites can be accessed and company email was available.

At Thursday’s Nevada Gaming Commission meeting, Commissioner Brian Krolicki said he was hopeful that a public report could be made to explain the MGM and Caesars breaches. Since then, there have been no further regulatory reports, and commissioners have declined to comment. But Krolicki noted the deadline listed in Regulation 5.

“A covered entity that experiences a cyberattack to its information system resulting in a material loss of control, compromise, unauthorized disclosure of data or information, or any other similar occurrence shall provide written notification of the cyberattack to the board as soon as practicable but no later than 72 hours after becoming aware of the cyberattack,” the regulation says.

“Upon request, the covered entity shall provide the Board with specific information regarding the cyberattack, perform, or have a third-party perform, an investigation into the cyberattack, prepare a report documenting the results of the investigation, notify the board of the completion of the report, and make the report available to the board for review upon request. The report must include, without limit, the root cause of the cyber attack, the extent of the cyberattack, and any actions taken or planned to be taken to prevent similar events that allowed the cyberattack to occur and notify the board when any investigation or similar action taken by an entity external to the covered entity is completed and make the results of such investigation or similar action available to the board upon request.”

Tech workshop

A Control Board spokesman on Tuesday said a workshop meeting scheduled Wednesday afternoon on gaming technology modernization wouldn’t address the MGM or Caesars incidents.

But it could be the elephant in the room when participants discuss gaming devices, associated equipment, cashless wagering systems and processes that could result in more effective deployment of gaming technology projects and discussion regarding advanced technology.

It’s unclear just how long the attack on MGM would affect business, but a New York-based cybersecurity expert said he believes a lack of public confidence in MGM could discourage stays at MGM properties leading up to the Super Bowl at Allegiant Stadium in February.

“There’s the obvious practical near-term effects, which is people were unable to book accommodation for some period of time,” said Dan Draper, founder and CEO of CipherStash, a company designed to prevent data breaches from ever happening.

“Certainly, being offline for a period of time would have resulted in a number of lost bookings,” he said. “But I think the bigger issue here is the effect or the impact that the breach will have on consumer trust. And I think this just goes to amplify what I certainly see as an ongoing trend in consumer distrust of how their data is being managed.”

Impact of breaches

Because breaches affected the two largest resort companies in Las Vegas, Draper said it’s possible Las Vegas as a whole could feel the impact.

“It’s probably not going to get to the point where a significant number of people don’t come to Las Vegas at all, but I do think that it is going to have an effect on how much money they spend, on what kinds of accommodation they choose to stay in,” he said. “And once again, if they’re not providing their personal data or they’re a lot more cautious about providing personal data to various different suppliers, I would say that the share of wallet would be reduced.”

Brendan Bussmann of Las Vegas-based B Global, who said MGM needs to be at the top of its game with multiple major events on the near horizon.

With November’s Formula One Las Vegas Grand Prix, December’s National Finals Rodeo, January’s CES convention and February’s Super Bowl LVIII on the horizon, Bussmann said it’s critical for MGM to rebound from the attack.

“You’ve got a busy schedule ahead over the next six months of MICE (meetings, incentives, conferences and exhibitions), sports and other key events on the docket so the runway is short to get back to everything running on all cylinders while continuing to evaluate how best to address what has occurred in the future,” he said. “While there still may be lingering effects behind the scenes, the show must go on and MGM Resorts will do what it takes to keep those things running.”

Play The Invisible Man Slot
Recommended Slot Game To Play: The Invisible Man Slot
Super Slots Casino 300% up to $2000 Welcome Bonus!
Related
Covers

New York Casinos Impacted by Slot Machine System Cyberattack

The New York Gaming Commission confirmed that the state's lottery provider was hit by a cybersecurity attack, affecting at least three casinos. A recent cyberattack impacted two New York hospitals, a nursing home, and New York's video lottery terminals (VLTs) system, operated by Everi Holdings on behalf of the state. VLTs are Class II slot…
Incidents
New York Casinos Impacted by Slot Machine System Cyberattack
Las Vegas Weekly

After cyberattacks crippled casino companies, how vulnerable is Las Vegas?

Las Vegas has always prided itself on its economy of leisure. In the span of a weekend, visitors can dine at the finest restaurants, witness world-class entertainment and sporting events and shop at top luxury brands without leaving the Strip-sometimes, without leaving their hotel. All that came to a standstill last month as two casino giants fell…
Incidents
After cyberattacks crippled casino companies, how vulnerable is Las Vegas?
Super Slots
Review Journal

Gaming regulators discuss oversight of cycbersecurity at casinos

Nevada doesn't require casino companies to carry cybersecurity insurance, but most of them do as a cost of doing business. Gaming regulators from four states, including Nevada Gaming Control Board Chairman Kirk Hendrick, weighed in on the regulation of companies Monday in an opening panel of the four-day Global Gaming Expo. Around 25000 industry…
Law
Gaming regulators discuss oversight of cycbersecurity at casinos
AP News

Data breach at MGM Resorts expected to cost casino giant $100 million

NEW YORK (AP) - The data breach last month that MGM Resorts is calling a cyberattack is expected to cost the casino giant more than $100 million, the Las Vegas-based company said. The incident, which was detected on Sept. 10, led to MGM shutting down some casino and hotel computer systems at properties across the U.S. in efforts to protect…
Incidents
Data breach at MGM Resorts expected to cost casino giant $100 million
Wild Casino

$5,000 Welcome Bonus

Deposit bonuses are optional and must be requested by the player when making a deposit. For example, use Promo Code WILD1 to a 100% Casino bonus. Your bonus request will be assessed and, if your account is eligible for the bonus, it will be added to your account immediately.
ABC News

Cyberattack at MGM Resorts expected to cost casino giant $100 million

The data breach that MGM Resorts is calling a cyberattack is expected to cost the casino giant more than $100 million ByWYATTE GRANTHAM-PHILIPS AP business writerOctober 6, 2023, 11:06 AM NEW YORK -- The data breach last month that MGM Resorts is calling a cyberattack is expected to cost the casino giant more than $100 million, the Las Vegas-based…
Incidents
Cyberattack at MGM Resorts expected to cost casino giant $100 million
West Hawaii Today

MGM Resorts computers back up after 10 days as analysts eye effects of casino cyberattacks

LAS VEGAS - MGM Resorts brought to an end a 10-day computer shutdown prompted by efforts to shield from a cyberattack data including hotel reservations and credit card processing, the casino giant said Wednesday, as analysts and academics measured the effects of the event. "We are pleased that all of our hotels and casinos are operating normally,"…
Land-based
MGM Resorts computers back up after 10 days as analysts eye effects of casino cyberattacks
ABC 7

MGM Resorts computers back up; analysts eye effects of casino cyberattacks

MGM Resorts brought to an end a 10-day computer shutdown prompted by efforts to shield from a cyberattack data including hotel reservations and credit card processing, the casino giant said Wednesday, as analysts and academics measured the effects of the event. "We are pleased that all of our hotels and casinos are operating normally," the Las…
Land-based
MGM Resorts computers back up; analysts eye effects of casino cyberattacks
Hay Post

Las Vegas hotel casino lost millions after 10 day cyberattack

LAS VEGAS (AP) - MGM Resorts brought to an end a 10-day computer shutdown prompted by efforts to shield from a cyberattack data including hotel reservations and credit card processing, the casino giant said Wednesday, as analysts and academics measured the effects of the event. "We are pleased that all of our hotels and casinos are operating…
Land-based
RELATED LOCATION
Location Icon
Country
USA
Location Icon
State
Nevada
Location Icon
City
Las Vegas, USA
Vegas Inc

MGM says casino, hotel services 'operating normally' after cyberattack

MGM, with 28 properties worldwide, including many up and down the Las Vegas Strip, experienced what resort officials labeled a "cyber issue" on Sept. 10, 2023, to force the company to shutter its computer systems Updated Wednesday, Sept. 20, 2023 | 10:20 a.m. MGM Resorts International said its casino and hotel services are "operating normally," a…
Land-based
MGM says casino, hotel services 'operating normally' after cyberattack
The Washington Post

Las Vegas casino hacks: What tourists should know about MGM cyberattack

A recent cyberattack targeting MGM Resorts has left guests with a losing hand. In addition to a potential breach of personal data, hotel and casino visitors had to contend with widespread interruptions since last week, ranging from inoperable digital keys to blank slot machines. Days after MGM first reported a "cybersecurity issue" on Sept. 11,…
Land-based
Danville Register & Bee

Casino giant Caesars Entertainment reports cyberattack

LAS VEGAS - Casino company Caesars Entertainment on Thursday joined Las Vegas gambling rival MGM Resorts International in reporting that it was hit by a cyberattack, but added in a report to federal regulators that its casino and online operations were not disrupted. The Reno-based publicly traded company told the federal Securities and Exchange…
Land-based
Casino giant Caesars Entertainment reports cyberattack
NBC News

Who are the hackers that breached MGM's Las Vegas operations?

The hackers who are believed to be behind a major cyberattack that has disrupted several casinos and hotels in Las Vegas are part of a small but prolific cybercrime clique whose members have also hit other major U.S. companies in the past year by talking their way into access to computer networks, cybersecurity experts and a person familiar with…
Incidents
Who are the hackers that breached MGM's Las Vegas operations?
RELATED CATEGORIES
Category Icon
Category
Law
Category Icon
Category
Land-based
Category Icon
Category
Incidents
AOL

Las Vegas casino attacks tied to hackers known for sweet-talking tactics

The hackers who are believed to be behind a major cyberattack that has disrupted several casinos and hotels in Las Vegas are part of a small but prolific cybercrime clique whose members have also hit other major U.S. companies in the past year by talking their way into access to computer networks, cybersecurity experts and a person familiar with…
Land-based
Las Vegas casino attacks tied to hackers known for sweet-talking tactics
New York Post

MGM casinos still reeling from 'cybersecurity issue'

MGM's casinos in Las Vegas continued to be plagued by "cybersecurity issue" on Friday - five days after getting hacked - with many slot machines silenced while guests squawked about broken elevators and poor service. One person staying at MGM Resorts-owned Aria said the hotel was handing out so-called "guest recovery voucher to any hotel guest who…
Land-based
MGM casinos still reeling from 'cybersecurity issue'
Chicago Sun Times

Las Vegas casinos targeted in cyberattack; Horseshoe Casino in Hammond affected

LAS VEGAS - Casino company Caesars Entertainment on Thursday joined Las Vegas gambling rival MGM Resorts International in reporting that it was hit by a cyberattack, but added in a report to federal regulators that its casino and online operations were not disrupted. The Reno-based publicly traded company told the federal Securities and Exchange…
Land-based
Las Vegas casinos targeted in cyberattack; Horseshoe Casino in Hammond affected
themessenger.com

Amy Poehler and Maya Rudolph Party in Las Vegas Amid Casino Cyberattack

What happens in Vegas, stays on TikTok. Amy Poehler and Maya Rudolph found themselves in a casino the same week hospitality company MGM Resorts International experienced a widespread system outage. But instead of freaking out, the former Saturday Night Live stars kept calm and carried on by posting a must-see TikTok video. "When you're in Vegas…
Land-based
Amy Poehler and Maya Rudolph Party in Las Vegas Amid Casino Cyberattack
RELATED BRANDS
Brand Icon
MGM Resorts
Los Angeles Times

Useless slots and cash bars annoy casino-goers after MGM cyberattack

MGM Resorts International has been saying its hotels and casinos are operational after a cyberattack over the weekend that appeared to take down everything, including payment systems and sports books. Some of its patrons begged to differ. Scanning a largely empty casino floor at the MGM Grand in Las Vegas on Tuesday, Marina Lopez said the hack has…
Incidents
Useless slots and cash bars annoy casino-goers after MGM cyberattack
The Nevada Independent

Cyberattack on MGM Resorts knocks out casino operations and computer systems company wide

Most slot machines were offline in MGM's Strip casinos Monday, while customers had to wait for payouts from attendants. Arizona resident John Hass checked out of his room at New York-New York Monday morning and walked over to Excalibur to play the slot machines before heading to the airport for his afternoon flight to Tucson. He was told a computer…
Land-based
Cyberattack on MGM Resorts knocks out casino operations and computer systems company wide
The Record

A look at the ransomware behind Gateway Casinos cyberattack

By Marissa Birnie Staff Reporter Wed., April 26, 20233 min. read Article was updated 10 hrs ago It's been over a week since Gateway Casinos and Entertainment announced the closure of its Ontario locations after a cyberattack hit the gaming operator. In a statement, the company confirmed the attack as ransomware. "We have no evidence thus far that…
Trust and Safety
A look at the ransomware behind Gateway Casinos cyberattack
Play Dragon Shard Slot Game Review
Slot Game of the Month: Dragon Shard Slot Game Review
Wild Casino $5,000 in Welcome Bonuses. Join Now!
  • 18 plus
  • eCogra
  • Trusted Site
  • Game Care