MGM Casinos Cyberattack: Reports Of Slot Machines, ATMs Shutting Down

MGM Resorts is one of the largest proprietors of luxury resort hotels in the United States, as well as the world — with hotel casinos in Las Vegas, Nevada like the MGM Grand being some of the resort city's most well-known. Considering the company's scope, then, it's a given that its data is a highly valuable target for bad actors. As a result, MGM has found itself the target of multiple cyberattacks over the years. 

The last time MGM was attacked in this manner was in 2019, where a cloud server breach exposed the data of millions of guests. This week, though, another attack has affected MGM's hotels in a much more direct manner.

Since Monday morning, the computer systems in MGM hotels in Las Vegas and beyond have been shut down as a direct result of a cyberattack from an as-of-yet unidentified bad actor. The company posted an announcement on its Twitter page on Monday informing of the attack, and the steps it's taken to mitigate the damages.

"We quickly began an investigation with assistance from leading external cybersecurity experts," MGM said in its post. "We also notified law enforcement and took prompt action to protect our systems and data, including shutting down certain systems."

The scope of the damage

Due to the shutdown of the hotels' digital systems, all aspects of their operation have been impacted. On casino floors, slot machines and ATMs have been completely deactivated, showing error messages on their screens instead of their usual attract modes. In the hotels, guests have found themselves locked out of their rooms, as their digital card keys have been disconnected from the network. 

As these card keys double as charge cards for guests, many have found themselves unable to make purchases. Currently, the casino floors have started to come back online, but the key and room reservation systems still remain down. Front desk staff are working to get impacted guests safely back into their rooms.

At the time of writing, MGM has not publicly divulged a potential culprit in this cyberattack, nor have any hackers come forward to claim credit. The FBI is currently monitoring the situation as it unfolds, but haven't offered any concrete information.

"The FBI is aware of the incident, as this is still ongoing, we do not have any additional information to provide at this time," Las Vegas FBI agent Mark Neria informed Forbes via email.