Casino giant MGM expects $100 million hit from hack that led to data breach

MGM Resorts has has about 40 million loyalty rewards members and tens of thousands of hotel rooms in Las Vegas at properties including the MGM Grand, Bellagio, Aria and Mandalay Bay. “We have taken steps to ensure that the stolen data is deleted by the unauthorized actor,” the company said, “although we cannot guarantee this result.” Just as with any company or individual, a casino’s reputation can speak volumes.

The list includes executives, croupiers, internet technicians, customer support, advertising and marketing experts, and much more. Physical security refers to protecting people, property, and physical assets like data centers and server rooms from various events. They store sensitive data and also allow casinos to operate without interruption. Cybersecurity isn’t easy, and as criminals and their systems become more sophisticated, the pressures on casino operators can only increase.

It expects to also incur less than $10 million as a related one-time cost in the quarter ended on Sept. 30. Hackers breach 2 Vegas casinos wislawjounralHackers who breached casino giants MGM, Caesars also hit 3 other firms, Okta gclub casino says | Reuters. Throw in the point that land-based casinos increasingly depend on internet connectivity to power seemingly mundane tasks, such as elevators and heating and cooling, and the need to bolster cyber defenses grows.

  • All the safest online casinos display their licensing information in their home page footer, often along with their license numbers.
  • Loss prevention is worth millions to the online gaming sector, and it’s not too difficult to see why.
  • Payment processing apps such as SamsungPay and ApplePay protect the client’s credit card details during each transaction, facilitating a safer experience.
  • Simply put, incident response and disaster recovery are how an online casino handles the worst-case scenario.
  • If you can’t find it there, look in their “About Us” or “Terms and Conditions” section.
  • The short answer to this is yes, it is safe as long as you choose secure online casino sites.

Last week, in its 8-K SEC filing, MGM said it expects the security breach will cost the company at least $100 million. Frenkel noted that gaming faces some of the same cyber challenges as other industries, including addressing vulnerabilities before those weaknesses are turned against a company. Founded in 2007 and the holder of 14 patents, Waterfall is a provider of industry-level cybersecurity solutions.

That’s vital because cybercriminals aren’t relenting and will continue upping their technology proficiency. PCI compliance is more complex in casinos than in other environments because cards are accepted across not only the casino floor, but also at their related hotels, restaurants, and even merchandise retail outlets. Casinos can face crippling fines if any of their many points-of-sale are found to not meet PCI compliance standards. Nevada Gov. Joe Lombardo and the Nevada Gaming Board released a joint statement, saying they are “monitoring the cybersecurity incident with MGM Resorts and are in communication with company executives.” The company said it “took prompt action to protect our system and data, including shutting down certain systems.”

It is never a good idea to press your luck with your sensitive information at a casino; therefore, let’s begin by examining what steps casinos can take to guard against cyber threats. Amidst the glitz and glamour of the casino atmosphere, cybersecurity doesn’t typically come to mind. Exciting lights, sounds, and the general awe and wonder of the ambiance bombard our eyes, ears, and minds.

Authentication protocols allow one party to verify the identity of another party, such as the casino operator or a member of the casino’s IT personnel. To ensure only authorized parties have access to the system and sensitive information, casinos use multiple authentication protocols. And of course, it does nothing to build trust between the customer and their business, if they are vulnerable to these types of attacks. This has potentially longer term implications for operators, and as we’ve seen with high profile hacks in years gone by, there’s the very real potential of destroying a trusted brand. Cybersecurity is an increasingly big issue for operators, if not more important than security at offline venues. With a more condensed target, and a million and one ways to potentially penetrate digitised systems, companies need to be more proactive than ever to secure their platforms.

cybersecurity casinos

Just to be on the safe side let me quickly mention here that we never ever play in a casino that has no license whatsoever. Furthermore, crypto casinos often run extensive background checks to verify previous employment history to ensure their employees are not convicted of any relevant crime—casinos are unlikely to hire anyone convicted of financial or violent crime. With so many employees in a variety of different positions, it is vital to educate staff members and help prevent them from accidentally revealing sensitive information or falling victim to various ransomware traps.

Using a website to access your bank and withdraw money or add money to your account is a standard part of casino play. There has been a dramatic increase in the number of cybercrimes in the last few years, so staying vigilant and choosing the right online casino, which has these measures in place, is a great starting point. Although the age of a online UK casino doesn’t determine anything, it’s still a good indication of reliability and safety if its operating smoothly for over years now. Lots of great brands were just recently launched however, and they can offer just as great of a service as those veterans of the market. A multi-layer cybersecurity strategy is essential for any business that operates with finances, processes transactions, and stores large amounts of sensitive and personal information. Simply put, incident response and disaster recovery are how an online casino handles the worst-case scenario.

Loss prevention is worth millions to the online gaming sector, and it’s not too difficult to see why. With an insecure website or mobile platform they are potentially exposing themselves to substantial losses. The hackers stole a copy of the Caesars’ loyalty program database, including the driver’s license numbers and Social Security numbers “for a significant number” of customers. Caesars admitted that the hackers breached its systems through a “social engineering attack on an outsourced IT support vendor,” according to a regulatory filing. The casino giant first confirmed the data theft in an SEC filing in September, but has yet to comment on the reported ransom paid to the ransomware crew. In an attached security breach notification letter [PDF], Caesars told customers that the entertainment conglomerate has “taken steps to ensure that the stolen data is deleted by the unauthorized actor, although we cannot guarantee this result.”






Leave a Reply

Your email address will not be published. Required fields are marked *