Disruptions at hotels and casinos owned by MGM Resorts International continue, five days after the company was hacked by hackers seeking a ransom to restore access.
Videos posted from MGM properties on the Las Vegas Strip, including ARIA and Bellagio, on Thursday evening showed extremely long check-in lines and some slot machines remained offline.
Working slot machines are cash-only and hand-set, meaning winnings must be dispensed by human staff, and MGM handed out restaurant credits and free alcohol to appease angry guests .
Meanwhile, in a statement released Thursday evening, the hackers claiming responsibility for the breach said they maintained access to “part of MGM’s infrastructure” and threatened “additional attacks” if their Ransom demands were not met.
MGM’s ongoing woes come after rival gaming giant Caesars Entertainment confirmed it detected a breach last week – but Caesars reportedly paid a ransom of around $15 million and avoided any customer-related disruption.
Long queues for check-in were seen at Bellagio (left) on Thursday, while ARIA still had some slots available offline, with the rest operating on a cash-only and manual payment basis.
The FBI told DailyMail.com it was investigating the incidents at both Caesars and MGM, adding: “As this is an ongoing investigation, we are unable to provide any details. additional details.”
Neither Caesars nor MGM responded to multiple requests for comment from DailyMail.com throughout the week.
Both breaches appear to have been initiated through “social engineering” attacks, in which hackers tricked human targets into handing over their login credentials, such as by posing as real employees during telephone calls to helplines.
The attribution of the attacks remained ambiguous. A group called Scattered Spider contacted journalists to claim responsibility for both violations, while an affiliated gang known as ALPHV issued a lengthy statement contradicting those claims and claiming it had carried out the attack on the MGM.
It is possible that the two groups, known to have affiliated relationships, both took part in the attacks, or are in fact factions within the same loosely knit hacker collective.
For MGM guests, the result of that company’s breach was a week of confusion and frustration.
“MGM hacking is causing chaos,” said one X user Rachel Hooks from ARIA, sharing video of long queues and broken slot machines. “Ridiculous control in queues and broken casinos. »
At the Bellagio, @JacobLasVegasLife video released showing huge queues for hotel check-in.
MGM hotels have reportedly been forced to adopt outdated measures at check-in counters, writing down guest information and credit card numbers by hand, as system disruptions persist.
User complain about anything this weekend.
Disruptions at hotels and casinos owned by MGM Resorts International continue, five days after the company was hacked by ransom-seeking hackers.
User @LasVegasLocally shared photos of $25 food and drink vouchers, writing: “MGM Resorts employees have been given stacks of ‘recovery vouchers’ to give to any hotel guest who complains about virtually anything what this weekend.
Other photos posted by @VitalVegas showed staff at MGM properties offering free wine and beer to guests while they waited in line to check in.
In a sign of a slow return to normal, MGM Resorts’ main website finally resumed operation, although online hotel reservations remained unavailable Friday morning.
“For hotel reservations arriving September 13-17, 2023, we understand that your travel plans may have changed, so we are waiving change and cancellation fees,” the website states. ‘Thanks for your patience.’
Meanwhile, hacker gang ALPHV, also known as BlackCat, spoke out in a lengthy statement posted to its darkweb ransom site on Thursday evening.
Without naming Scattered Spider, ALPHV dismissed reports of this group’s involvement as “rumors”, although they did not explicitly deny Scattered Spider’s involvement.
Long waits for check-in were seen at ARIA on Thursday evening as MGM properties resorted to manually taking guest information in some cases.
The main MGM Resorts website finally resumed operation, although online hotel reservations remained unavailable Friday morning.
The hackers claimed they infiltrated MGM’s network on Friday, September 8, and that the initial disruptions to the company’s system last weekend were actually the result of MGM employees frantically disconnecting devices to stem the problem. ‘attack.
“Due to their network engineers’ lack of understanding of how the network works, network access was problematic on Saturday,” the hackers claimed.
“They then made the decision to ‘take offline’ apparently important components of their infrastructure on Sunday,” the group added.
ALPHV said it launched its ransomware attack on Monday, September 11, encrypting more than 100 bare-metal hypervisors in MGM’s server environment.
The hacker group said it made “multiple attempts” to contact MGM with ransom demands, but received no response other than an unidentified user lurking silently in the chat room set up to conduct the negotiations.
“We believe MGM will not agree to a deal,” the Pirates said. “We continue to have access to some MGM infrastructure. If no agreement is reached, we will launch further attacks.
“We continue to wait for MGM to develop a pair and contact us because they have clearly demonstrated that they know where to contact us,” ALPHV added.
The group’s claims could not be independently verified.