Guests at MGM Resorts properties in Las Vegas noticed computers were down on Sunday evening. The problem continued on Monday morning and has gone on throughout the week.
As rumors started to swirl about the problems MGM Resorts released a statement about an ongoing cybersecurity issue. At this time slots, credit card machines, ATMs, digital keys on the MGM Resorts app and more are unavailable.
The problem is serious enough that law enforcement is involved. MGM Resorts released the following statement:
“MGM Resorts recently identified a cybersecurity issue affecting some of the Company’s systems. Promptly after detecting the issue, we quickly began an investigation with assistance from leading external cybersecurity experts. We also notified law enforcement and took prompt action to protect our systems and data, including shutting down certain systems.
“Our investigation is ongoing, and we are working diligently to determine the nature and scope of the matter.”
The cybersecurity problem appears to be affecting properties around the country including the following Las Vegas casino resorts.
- Aria (and Vdara)
- The Cosmopolitan
- Excalibur
- Luxor
- Mandalay Bay (and Delano)
- MGM Grand
- Park MGM (and NoMad)
- New York-New York
The MGM Resorts website is directing current and potential visitors to use the phone for questions:
“To make a hotel reservation at any of our destinations, please call 855-788-6775.
MGM Rewards members may call Member Services from 6 AM to 11 PM Pacific time at 866.761.7111.”
MGM Resorts has a list of property-specific concierge numbers for those looking for more information.
MGM Resorts On The Mend
The cyber security problems at MGM Resorts properties around the country continued throughout most of the day on Monday. The FBI and Nevada Gaming Control Board are working with MGM Resorts on this problem. Neither party has offered comment on the situation.
As the day was coming to an end, the company issued a statement saying:
“As an update to our previous statement, our resorts, including dining, entertainment, and gaming are currently operational and continue to deliver the experiences for which MGM is known. Our guests remain able to access their hotel rooms and our Front Desk staff is ready to assist our guests as needed. We appreciate your patience.”
While on the mend, as of Tuesday morning, operations at MGM Resorts aren’t entirely back to normal.
Many amenities at the casino are operational once again. Gaming, dining, and entertainment are operational at MGM Resorts casinos.
Some slot machines are still down at this point. All entertainment will continue as scheduled.
The MGM Rewards app and system still appear to be down. Digital keys available on that app were still not working Tuesday morning. Guests on site should already have physical keys to get into their rooms.
MGM Resorts websites remain down and guests looking for information or to make reservations are still being told to call the properties at the phone numbers listed above on Monday.
This isn’t the first major cyber security breach for MGM Resorts. In 2019 the casino operator was hacked. Personal information of more than 10 million people was posted online in 2020.
Expect more updates as MGM Resorts continues to work on this cyber-security issue.
MGM Resorts Computer Issues Continue
MGM Resorts computer issues continued on Tuesday despite the company saying operations were on the mend. The company statement offered no insight into the problems at its casinos in Las Vegas and around the country:
“MGM Resorts recently identified a cybersecurity issue affecting certain of the Company’s systems. Promptly after detecting the issue, we began an investigation with assistance from leading external cybersecurity experts. We also notified law enforcement and are taking steps to protect our systems and data, including shutting down certain systems. Our investigation is ongoing, and we are working diligently to resolve the matter. The Company will continue to implement measures to secure its business operations and take additional steps as appropriate.”
As the sun rose on Wednesday there were no updates and the computer issues that started on Sunday night appear to be continuing at all properties.
Yesterday there were massive lines to check into hotels from Excalibur to Bellagio. I have a reservation for The Cosmopolitan today and I can’t reach the VIP services or reservations to cancel. It’s a complimentary room so I’m not too concerned. The property probably has bigger problems with signage outside of the property appearing to be down last night.
Some slot machines at MGM Resorts properties are operational but still require a handpay if anyone wants to cash out. MGM Rewards is still down as well.
Since MGM Resorts isn’t offering updates on the situation, media outlets are reaching out to experts in cybercrime and software to see what might be the problem. There’s also no clarity on how long the problems will last.
If nothing else, a new cybersecurity disclosure rule from the Security And Exchange Commission should eventually offer some insight into what the actual problem is when the company reports earnings next quarter.
Meanwhile, there’s speculation that this could be a ransomware attack. A former FBI special agent tells KTNV that this could be the work of a hacktivist organization.
Frustration Continues As Hackers Are Identifies
It’s Thursday and MGM Resorts computer systems still aren’t entirely back online. However, it does appear they’re slowly coming back.
While not confirmed by MGM Resorts, numerous outlets are reporting that the ALPHV/BlackCat ransomware group is responsible for the hack. According to Forbes, this started by reaching out to an “MGM employee who worked in IT support. The next step was simply to call the MGM help desk.”
After the call, it only took the group 10 minutes to hack the system and create havoc at MGM Resorts properties.
According to Bloomberg, the hackers demanded a ransom from MGM Resorts. The company has not confirmed this.
Not coincidentally, the same group claims to have hacked Caesars as well.
The company filed an 8-K with the SEC yesterday with some information about how the attack on its computer system will impact business this quarter:
“MGM Resorts recently identified a cybersecurity issue affecting certain of the Company’s systems. Promptly after detecting the issue, we began an investigation with assistance from leading external cybersecurity experts. We also notified law enforcement and are taking steps to protect our systems and data, including shutting down certain systems. Our investigation is ongoing, and we are working diligently to resolve the matter. The Company will continue to implement measures to secure its business operations and take additional steps as appropriate.”
The problems the company has endured this week could drastically impact the bottom line according to CNBC and other financial outlets.
Guests remain frustrated as little has changed and there’s no timeline on when MGM Resorts properties will return to normal. Lines to check into hotels like Excalibur remained incredibly long as of last night.
MGM Rewards says it’s operational on table games and slot machines even though guests may not see points being accumulated. There’s still an issue with the TITO (Ticket In Ticket Out) system so machine players must use cash. Anecdotally, it appears as though it could take up to 30 minutes for a player to receive money when they’re done with a session.
The MGM Resorts app remains down. Players won’t see points from their play until this is fixed.
MGM Resorts is waiving the cancellation fee for those with hotel reservations until Sept. 17. I canceled a reservation yesterday at The Cosmopolitan and it took a bit longer than usual as the computer system was very slow.
Cyberattack Continues Into The Weekend
It’s Friday morning and there’s no end in sight for the cyberattack on MGM Resorts properties. The company isn’t providing detailed information to the public on the current status.
Guests remain frustrated. The employees at MGM Resorts properties are frustrated and seem to be doing a great job handling guests. A guest told the Las Vegas Sun “We actually arrived early, anticipating long lines, (but) it was probably the fastest we’ve checked in in a while.”
MGM Resorts websites are back online but the reservation system is still down. There’s now an FAQ available for those with upcoming visits.
On the ground in Las Vegas, the check-in lines were getting shorter on Thursday night. However, the weekend will bring more visitors to MGM’s hotels and casinos in Las Vegas and around the country. Guests can still cancel their upcoming reservations through Sep. 17.
On the good side, parking is free for the time being.
As of last night, all transactions at check-in and slot machines were done by hand. The company was handing out vouchers for food and beverages to those complaining. The company was also handing out complimentary drinks at some Las Vegas casinos.
The perpetrators of the cyberattack, ALPHV, released a statement yesterday. While ALPHV says it has control of the MGM Resorts computer system, it appears as though the company is slowly regaining access.
“Due to their network engineers’ lack of understanding of how the network functions, network access was problematic on Saturday. They then made the decision to “take offline” seemingly important components of their infrastructure on Sunday.”
The group also said that MGM has “inadequate administrative capabilities” and has made a “weak incident response.”
While Caesars revealed plenty of information about their recent cyberattack, MGM remains mum.
Stay tuned as the situation carries into the weekend.