MGM hotels hack sees 10.6 million customer accounts exposed

Names, address and passport details for the rich and famous found on a hacking forum, according to reports

The personal details of 10.6 million guests who stayed at MGM Resorts hotels have surfaced online after hackers accessed the chain's servers in July 2019. 

Names, addresses and passport details for guests up to 2017 were spotted on a hacking forum by Under the Breach, a soon-to-be-launched data breach monitoring platform that reported the find to ZDNet.  

MGM is the owner of a number of luxury in hotels in Las Vegas, and also elsewhere in the US, China and Japan. Its main Vegas hotel, the MGM Grand, is a popular destination for celebrities and often holds casino tournaments as well as the biggest boxing matches of the year - Tyson Fury will take on Deontay Wilder this weekend. 

Advertisement - Article continues below

The company confirmed it had been attacked in July 2019 and that it had notified affected customers a month later. The source of the leak is said to be a cloud server, which ZDNet suggested was misconfigured. IT Pro has contacted MGM for comment. 

"Last summer, we discovered unauthorised access to a cloud server that contained a limited amount of information for certain previous guests of MGM Resorts," the chain told ZDNet. "We are confident that no financial, payment card or password data was involved in this matter."

Advertisement
Advertisement - Article continues below

It is believed the personal information of high profile guests, such as Justin Bieber, Twitter founder Jack Dorsey and FBI agents have been found on the forum.

Related Resource

Your guide to managing cloud transformation risk

Realise the benefits. Mitigate the risks

Download now

While this is a large breach, it isn't as big as the one suffered by the Marriott chain of hotels which saw Chinese state actors access personal details and payment records for 500 million guests after it failed to properly patch a database for its Starwood brand of hotels. 

This is also the second report of hacking in Las Vegas this year after the city's security teams revealed they had thwarted a breach in January. 

Featured Resources

Top 5 challenges of migrating applications to the cloud

Explore how VMware Cloud on AWS helps to address common cloud migration challenges

Download now

3 reasons why now is the time to rethink your network

Changing requirements call for new solutions

Download now

All-flash buyer’s guide

Tips for evaluating Solid-State Arrays

Download now

Enabling enterprise machine and deep learning with intelligent storage

The power of AI can only be realised through efficient and performant delivery of data

Download now
Advertisement

Most Popular

Visit/security/cyber-crime/355171/fbi-warns-of-zoom-bombing-hackers-amidst-coronavirus-usage-spike
cyber crime

FBI warns of ‘Zoom-bombing’ hackers amid coronavirus usage spike

31 Mar 2020
Visit/security/data-breaches/355173/marriott-hit-by-data-breach-exposing-personal-data-of-52-million
data breaches

Marriott data breach exposes personal data of 5.2 million guests

31 Mar 2020
Visit/development/application-programming-interface-api/355192/apple-buys-dark-sky-weather-app-and-leaves
application programming interface (API)

Apple buys Dark Sky weather app and leaves Android users in the cold

1 Apr 2020
Visit/data-insights/data-management/355170/oracle-cloud-courses-are-free-during-coronavirus-lockdown
data management

Oracle cloud courses are free during coronavirus lockdown

31 Mar 2020