The casino floors at MGM Resorts across the country went silent yesterday after the company was hit with a massive cyber attack, possibly originating from North Korea. Impact from the attack was particularly noticeable on MGM Resorts guests, who suddenly couldn’t access the electronic locks on their room doors or access cash from ATMs, which were also shut down.
Officials at MGM Resorts became aware of a potential attack on Sunday with the bulk of the impact hitting properties across the US on Monday. Many, if not all, of MGM’s 19 properties including those in Massachusetts, Nevada, and New Jersey were directly impacted by the attack.
Company officials responded quickly to the attack taking to X (formerly known as Twitter) with a statement saying, “MGM Resorts recently identified a cybersecurity issue affecting some of the company’s systems.Promptly after detecting the issue, we quickly began an investigation with assistance from leading external cybersecurity experts.
“We also notified law enforcement and took prompt action to protect our systems and data. This included shutting down certain systems.
“Our investigation is ongoing and we are working diligently to determine the nature and scope of the matter.”
MGM was doing its best to keep guests happy during the attack and was adding additional staff to help cope with the crisis.
There’s been speculation, but no official confirmation, that the attack was the work of the APT38, Lazarus Group, a hacker crew associated with North Korea. That group is also believed to have attacked Stake.com last week.
So far there’s been no mention of a ransom request, as is frequently the case when businesses are attacked this way, but it’s also possible that a request has been made but not publicized.
Going into Tuesday, it looks as though MGM Resorts is still working to regain complete control of its computer networks so that it can get back to the business of booking rooms and running casinos.