MGM Resorts says was victim of data breach last year

The Bellagio hotel and casino is seen along the Las Vegas strip
FILE PHOTO: The Bellagio hotel and casino is seen along the Las Vegas strip after MGM Resorts International announced it was selling the resort and Circus Circus in separate deals in Las Vegas, Nevada, U.S. October 15, 2019. REUTERS/David Becker

February 20, 2020

By Kanishka Singh

(Reuters) – U.S. casino operator MGM Resorts International said on Thursday it was the victim of a data breach last year after an earlier report claimed that details of over 10.6 million hotel guests had been compromised.

“Last summer, we discovered unauthorized access to a cloud server that contained a limited amount of information for certain previous guests of MGM Resorts”, a company spokesman said in an emailed statement.

No financial, payment card or password data was involved in the incident and the guests affected were notified, the statement said.

The majority of information exposed related to the names of guests and their phone numbers, the spokesman added, without confirming the exact number of guests affected.

Technology website ZDNet reported late on Wednesday that the personal details of more than 10.6 million guests who stayed at MGM Resorts hotels were published on a hacking forum this week.

The details in the leaked files included information on celebrities, chief executives of technology companies, reporters and government officials, the report added, citing confirmation from some of those affected.

The company said on Thursday it had retained two cybersecurity forensic firms to assist in an internal probe.

MGM Resorts has upgraded the security of its network to avoid such breaches in the future, the spokesman said, without giving further details.

(Reporting by Kanishka Singh in Bengaluru; Editing by Jan Harvey)