MGM says casino, hotel services 'operating normally' after cyberattack
MGM, with 28 properties worldwide, including many up and down the Las Vegas Strip, experienced what resort officials labeled a “cyber issue” on Sept. 10, 2023, to force the company to shutter its computer systems
Updated Wednesday, Sept. 20, 2023 | 10:20 a.m.
MGM Resorts International said its casino and hotel services are "operating normally," a week after a crippling cyberattack.
“We are pleased that all of our casinos, hotels, dining, entertainment and resort services are operating normally, and are welcoming thousands of guests each day,” the company said in a statement.
“We thank you for your patience and look forward to welcoming you soon,” the statement said.
The company noted that MGM Rewards players club points redemption and certain promotional offers may be unavailable.
It also said employees would be ready to help guests with any “intermittent issues.”
MGM Resorts operates casino-resorts across the U.S. and overseas, including nine properties on the Las Vegas Strip.
MGM is waiving fees for people who canceled reservations from Wednesday through Sept. 24, saying “we understand your travel plans may have changed.” Those changing plans are costly for the company.
David Katz, a gaming industry analyst with Jefferies Group, said in a Sunday report to investors that MGM will lose up to $8.4 million daily as it gets back up and running, according to the New York Post and other outlets. He said MGM could take a 10-20% hit on revenue and cash flow “for the days that the current conditions exist.”
The shutdown prevented credit card transactions and crashed the BetMGM sports betting mobile app and company websites. It also prevented digital access to guest rooms and halted some slot machine play.
The incident has provided plenty of bad publicity, with guests last week posting videos to social media of long lines at the check-in, broken elevators and nonfunctioning slot machines.
The company said Tuesday night that resort services, dining, entertainment, pools and spas are operating normally and welcoming thousands of guests. That includes the ticket-in/ticket-out systems for slot machines, which were disabled during the shutdown to force those cashing out to wait for an attendant to pay them.
MGM wasn’t the lone resort hit with a cybersecurity attack this month.
Data from members in the loyalty program at Caesars Entertainment was compromised when an unauthorized actor acquired a copy of the program’s database, including the driver’s license and Social Security numbers of members, the resort said in a report to the Securities and Exchange Commission.
Caesars said it “identified suspicious activity in its information technology network resulting from a social engineering attack on an outsourced IT support vendor used by the company.” The company said its customer-facing operation — both in-person and mobile gaming applications — weren’t affected.
Caesars reportedly paid a multimillion-dollar ransom to hackers. MGM hasn’t.
MGM in its Tuesday night message, which was shared on social media, thanked customers for their patience.
“Your guest experience is of paramount importance to us and we look forward to speaking with you soon,” the message on the website reads. “Thank you for your patience and understanding.”