While Caesars reportedly paid to make the pain stop, MGM did not. Last week, in its 8-K SEC filing, MGM said it expects the security breach will cost the company at least $100 million.
Scattered Spider is reportedly an affiliate of ALPHV, also known as BlackCat, a ransomware-as-a-service (RaaS) operation that rents its malware to other criminals. News of that ransomware infection broke as another huge casino and hotel chain, MGM Resorts, was forced to shut down IT systems and slot machines after the same cybercrime crew – known as Scattered Spider – broke into its network and stole customers' data.
MGM Resorts shuts down website, computer systems after 'cybersecurity incident'.Caesars says cyber-crooks stole customer data as MGM casino outage drags on.Scattered Spider traps 100+ victims in its web as it moves into ransomware.MGM Resorts attackers hit personal data jackpot, but house lost $100M.We will update this story if and when we hear back. The biz's 8-K SEC form claimed a 'significant number' of loyalty members were feared stolen. These include questions about the ransom demanded and whether it was paid, and how many thousands of customers were caught in the ransomware crew's web. The casino giant first confirmed the data theft in an SEC filing in September, but has yet to comment on the reported ransom paid to the ransomware crew.Ĭaesars has not responded to multiple inquiries from The Register.