Las Vegas experienced a series of cyberattacks, with one casino even agreeing to pay a $15 million ransom to the hacker who successfully breached its information technology system.
In the span of a few weeks, two cyberattacks targeted casinos in the heart of the United States’ gambling hub, Las Vegas. Both incidents were disclosed through reports to the U.S. Securities and Exchange Commission (SEC).
On Wednesday, MGM Resorts reported that its hotel and casino technology systems had to be shut down starting Monday morning due to cybersecurity concerns. As a result, casino operations had to be halted, along with reservation, booking, and electronic hotel room key systems. The IT system issue was resolved on Monday night, but the hotel system recovery took a significant amount of time.
MGM operates thousands of hotel rooms in Las Vegas and other regions across the United States, with its Las Vegas hotel business being its largest contributor.
Caesars also fell victim to a cyberattack, but they chose to pay a $15 million ransom to the hackers who had “held their computer system hostage.”
The cybercriminal group responsible for breaching Caesars’ system demanded a $30 million ransom. Caesars’ management agreed to pay half of it, with a portion covered by their cyber insurance policy.
“Despite the fact that the members of this cybercriminal group are less experienced and younger compared to well-known ransomware groups, they pose a serious threat to giant companies in the U.S.,” said Charles Carmakal, CTO at Google, as quoted by CNBC International.
Both the attacks on Caesars and MGM were attributed to the same group, UNC3944 or Roasted 0ktapus. This group has previously targeted technology companies like Cloudflare, Okta, and Twilio.