Another Las Vegas casino group victim of cyber-attack, agrees to pay substantial ransom
After learning this week of the cyber-attack suffered by MGM Resorts, we now learn that another Vegas land-based mega-operator – Caesars – was also the victim of an attack in early September, for which the firm agreed to pay $15 million in ransom. Read all about it in this article.
A new cyber-attack in Las Vegas
Hacker attacks are commonplace in our digitalized world. Most of the time, attacks on large corporations are unsuccessful, or are dealt with discreetly to avoid bad publicity.
But as we saw this week with MGM Resorts, cyber-attacks don’t always fly under the radar. MGM was the victim of a hack that affected the reservation systems of many of the group’s casinos and hotels. We also learned that six terabytes of data had been compromised (or 6,000 gigabytes). A single terabyte of data corresponds to some 6.5 million documents.
Today, we learn from Caesars that another security breach has taken place. A group of criminals called ” Scattered Spider “infiltrated the group’s data and demanded a substantial ransom.
Negotiation over ransom demand
Scattered Spider demanded $30 million from the Las Vegas operator, who finally agreed to pay the princely sum of $15 million. The infiltration took place on September 7, 2023. It is not known exactly why Caesars agreed to pay this sum, but it is likely that the reason was to recover access to sites and accounts.
In spite of this, Scattered Spider’s spokesman said that the hacker group was able to personal information of many VIP members of the Caesars group.. This sensitive data includes copies of driving licenses and social security numbers.
According to the same spokesperson, Scattered Spider was also behind the attack on the MGM group. The hackers did not reveal what they stole, but said the operation was “very profitable” for them. MGM, however, has refused to pay a ransom for the time being.
MGM and Caesars are the two biggest operators in Las Vegas… A huge amount of work needs to be done in terms of cyber-security for the two casino giants.