- In 2019 MGM Resorts data breach came to light
- In February 2020 it was reported 10.6 million or 1.06 crore people’s data was compromised
- Details have come out claiming data of as many as 146 million or 14.6 crore people was compromised
The famous MGM Resorts suffered a major data breach in 2019 when it reported that personal data including email address, name, mobile number of around 10.6 million or 1.06 crore guests was compromised. However, it now appears that the data breach was much more severe than what was initially reported and that that data of more than 142 million or 14.2 crore MGM Hotel guests might have been compromised.
Going by the reports, the latest data breach information of the guests of MGM surfaced over the weekend when a hacker posted an advertisement on the dark web cybercrime marketplace. The hacked appeared to be selling the information for $ 2,940 or Rs. 2.21 lakhs.
Allegedly, the hacked obtained the data of MGM guests from a US-based cybersecurity company. This cybersecurity company named Night Lion Security, however, came forward and denied the allegations of the hacker and told the news form that the company has never owned a copy of the full MGM database.
Night Lion Security added that this hacked was further trying to ruin the reputation of the firm after it faced a data breach recently.
ZDNet, a business technology news website published by CBS Interactive, along with TechRepublic, presented a report which claimed that the MGM Resorts were aware of the scope of the data breach, however, it remains unclear whether all the affected guests were notified of the breach or not.
The Blackstone Group Inc., the company which owns the popular hotel chains including Aria, Bellagio, Mandalay Bay, Mirage, Excalibur, MGM Grand and Park MGM in Las Vegas, Nevada had faced the data breach in the summer of 2019 when the alleged hackers accessed a cloud server which contained the information of many previous guests of the MGM Resorts.
In February, this year, the development surfaced when the data which was leaked made its way on a hacking forum. Though MGM never made the security breach public, the impacted customers were notified about the attack, said the report.
Although, going by the data verified by the news company, the data which was compromised – both in February and now – did not include financial information of the guests or their Social Security Numbers or IDs. ZDNet reports also claimed that “The MGM data could be even bigger than the 142 million,”.