MGM Resorts Operations Resume 10 Days After Cyberattack

MGM Resorts says it resumed full operations on Wednesday, a full 10 days after hackers took over its system. The cyberattack caused mayhem at several of its locations across the country, affecting hotel reservations, and credit card processing, while guests complained they lost access to their hotel rooms when their key cards stopped working.

In a statement on X, formerly known as Twitter, MGM Resorts wrote: “We are pleased that all of our hotels and casinos are operating normally.” It added: “Our amazing employees are ready to help guests with any intermittent issues.”


The hotel and casino also reported on X that its resort services, dining, entertainment, pools, and spas are operating as normal. Still, they did not disclose information about the extent of the data breach including the immediate costs it incurred as it struggled to regain control of its systems.

The ransomware group, ALPHV allegedly carried out the cyberattack on Sept. 11 using common social engineering tactics to take over MGM’s computer systems. “All ALPHV ransomware group did to compromise MGM Resorts was hop on LinkedIn, find an employee, then call the Help Desk,” the ransomware tracker vx-underground wrote in a Twitter post last week. “A company valued at $33,900,000,000 was defeated by a 10-minute conversation,” it added.



The attack on MGM’s systems affected hotels and casinos across seven states aside from its Las Vegas location, including Maryland, Massachusetts, Michigan, Mississippi, New Jersey, New York, and Ohio.

Gregory Moody, professor and director of the cybersecurity program at the University of Nevada, Las Vegas told the Associated Press he projected that MGM Resorts lost up to $8 million per day as a result of the computer shutdown, putting the overall loss at about $80 million.

The shutdown came only a week after MGM rival, Caesars Entertainment, suffered a similar cyberattack by the ransomware group Scattered Spider on Sept. 7, and reportedly paid the hackers $15 million of the $30 million requested ransom.

“At this point, all casinos should be moving to the highest defensive posture possible and taking active measures to verify the integrity of their systems and environment, and reviewing — if not activating — their incident response processes,” Christopher Budd, a director of threat research at cybersecurity firm Sophos X-Ops told the AP. “There’s been attacks against multiple casinos, and it’s possible we’ll see more.”


Casino cyberattacks have been on the rise in recent years with the hacking group, Lazarus, stealing $41 million in virtual currency from, an online casino and betting platform, earlier this month. In 2017, hackers accessed information from a North American casino using a fish tank sensor, and in 2020 MGM Resorts was attacked exposing roughly 10.6 million customer’s data and information.