The ransomware group that allegedly broke into MGM Resorts’ system in mid-September did so by infiltrating the corporation’s tech help desk, reports say.
“All ALPHV ransomware group did to compromise MGM Resorts was hop on LinkedIn, find an employee, then call the Help Desk,” according to a Sept. 12 Twitter post from ransomware tracker vx-underground. Bloomberg similarly reported the security breach occurred after MGM’s information technology help desk was compromised, citing a cybersecurity expert with knowledge of the ongoing cyberattack investigation. ALPHV is believed to be Russia-based, according to the outlet.
The hack has also been attributed to another ransomware group called Scattered Spider, the Associated Press (AP) reported.
All ALPHV ransomware group did to compromise MGM Resorts was hop on LinkedIn, find an employee, then call the Help Desk.
A company valued at $33,900,000,000 was defeated by a 10-minute conversation.
— vx-underground (@vxunderground) September 12, 2023
As a result of the hacking, which was reportedly detected Sept. 10, MGM Resorts experienced outages and some customers observed the slot machines in MGM’s Las Vegas casino were not working, according to tech blog Engadget. The cybersecurity attack affected MGM Resorts properties across the country, AP reported, citing a statement from spokesman Brian Ahern. Ahern declined to comment to Bloomberg with more specifics surrounding the attack.
— Engadget (@engadget) September 13, 2023
MGM informed the public Sept. 20 that “all of our hotels and casinos are operating normally,” but that there may still be some lingering “intermittent issues” due to the hack.
David Bradbury — chief security officer for the identity and access management company Okta — told Bloomberg he issued a warning about similar cyberattacks back in August. Hackers initially use “social engineering tactics” to breach a system and then progress to more advanced hacking tactics once they’ve gained entry, Bradbury told the outlet. (RELATED: Cyberattack Shuts Down Hospitals Nationwide, Patients Diverted)
MGM business rival Caesars Entertainment experienced a similar cyberattack in early September, according to NBC Chicago. Caesars allegedly paid $15 million to Scattered Spider out of the $30 million originally demanded, the outlet reported.