It's a bad time to run a casino in Las Vegas right now as hackers run rampant and continue to cause trouble for gambling businesses. Before the attack on MGM Casinos and Hotels, reports say that the same hacker group also set their eyes on Caesars Entertainment.
Caesars Entertainment Confirms Ransomware Attack
Before MGM even experienced its first system disruption in the recent attack, Caesars had already gone through the same thing a month earlier. The Roman-themed casino confirmed the attack in an SEC filing stating that it happened in late August.
Unlike MGM, Caesars already disclosed the kind of data that was stolen from the company. The hackers reported managed to steal the casino's loyalty program database containing a "significant number" of members' Social Security and driver's license numbers.
This cost the company more than tens of millions of dollars, according to Gizmodo. Similar to how MGM was breached, the threat actors also used a social engineering approach as they posed as an employee to get Caesars' outsourced IT contractor to change a password.
Although it was not disclosed, it's assumed that Scattered Spider was behind the attack, the hacker group who also claimed responsibility for the system breach of MGM's casinos and hotels in more than one location.
In the SEC filing, Caesars Entertainment says that they have already taken steps to ensure that the stolen data is deleted by the threat actor. Since they cannot guarantee this, the company has been monitoring the web to determine whether stolen data has been shared.
In the event that the hackers still sell the customer data in underground markets, Caesars is offering impacted individuals in their loyalty program credit monitoring and identity theft protection services.
The MGM Attack
While Caesars Entertainment already paid the ransom to prevent customer data from being published, there are still no reports of MGM being in contact or negotiating with the hackers, even after they had already revealed themselves.
Although the hackers did claim responsibility for the attack on the hospitality giant, the Scattered Spider ransomware group says that they had nothing to do with the attack on Caesars in late August, according to Tech Crunch.
People believe that both attacks were conducted by the same group since MGM was also breached through social engineering. Threat actors searched LinkedIn and found an employee, posing as that person to call the help desk and breach the system through a 10-minute call.
This led to several system disruptions within hotels and casinos in different locations. Guests complained about complications with their digital keys, and gambling machines in MGM casinos were out of order.
Customers also had trouble accessing the company's websites, which resulted in difficulties with making reservations. Electronic payment methods and other systems being shut down led to long wait lines in the casino as staff had to resort to manually writing down customer information.
MGM Resort International says that they are already "working diligently to determine the nature and scope of the matter," but they are yet to disclose the extent of the attack, specifically if the attackers managed to steal customer data.