Casino operators Caesars Entertainment and MGM Resorts are working with law enforcement investigators as they continue to grapple with the impact of recent separate cyber attacks.
The cybersecurity breaches were reported within days of each other and follow several other high-profile cyber attacks in several industries. These include hacks of a third-party database serving Johnson & Johnson’s Janssen CarePath; a data file sharing service that affected millions including recipients of Medicare; and of a cloud-storage environment related to online password management service LastPass.
In a Sept. 14 Securities and Exchange Commission (SEC) filing, Caesars said that it is still investigating the scope of the breach but that on Sept. 7 an unauthorized actor acquired a copy of its loyalty program database, including information such as driver’s license numbers and/or social security numbers for a “significant number” of members.
“We have no evidence to date that any member passwords/PINs, bank account information or payment card information were acquired by the unauthorized actor,” Caesar said in the filing. The company said it will notify those affected by the breach on a rolling basis in the coming weeks.
The company said it recently identified suspicious activity in its information technology (IT) network resulting from a social engineering attack on an outsourced IT support vendor that it used. Caesars said its customer-facing operations including physical properties and online and mobile gaming applications were affected by the breach but that they continue without disruption.
Certain MGM properties closed following attack
At MGM, meanwhile, certain systems at properties nationwide remain shuttered following a cyber attack publicly revealed on Sept. 12. In a statement, the casino operator said it is taking steps to protect its systems and data including shutting down certain systems.
MGM’s shut down included its reservation systems, booking systems, hotel electronic key card systems and the casino floors, according to a CNBC report.
“We continue to work diligently to resolve our cybersecurity issue while addressing individual guest needs promptly,” MGM posted on X.com on Sept. 14.
The MGMResorts.com website was a static webpage as of noon on Sept. 14, but it directed users to download the MGM Rewards app for restaurant options and reservations; to visit Ticketmaster.com to reserve a show or attraction; or visit AXS.com to buy tickets for UFC, Las Vegas Aces, Vegas Golden Knights or concerts.
MGM also said it is waiving change and cancellation fees for hotel reservations for those arriving Sept. 13-17.
Caesars is offering free credit monitoring and identity theft protection services to all loyalty program members. To sign up, call (888) 652-1580 Monday through Friday except on holidays.
Caesars also set up a website to address frequently asked questions about the incident.
Esther D’Amico is Kiplinger’s senior news editor. A long-time antitrust and congressional affairs journalist, Esther has covered a range of beats including infrastructure, climate change and the industrial chemicals sector. She previously served as chief correspondent for a financial news service where she chronicled debates in and out of Congress, the Department of Justice, the Federal Trade Commission and the Commerce Department with a particular focus on large mergers and acquisitions. She holds a bachelor’s degree in journalism and in English.
- Joey SolitroContributor
Estate Planning for Your Aging Parents: A Delicate Balance
Protecting assets isn’t the only goal. Managing health care and taxes are also important, as is maintaining our parents’ dignity and security.
By Justin Stivers, Esq. Published
Stocks Could Remain Strong (Fingers Crossed) Throughout 2024
Reasons for optimism: The worst of inflation appears to be behind us, the Fed could start cutting rates, and it seems we’ll avoid a hard landing or recession.
By Tony Roth, Chief Investment Officer Published