MGM Resorts, owner of the Mandalay Bay Resort and other Las Vegas properties, confirmed it was hit by a massive data breach. File photo by Ronda Churchill/UPI | License Photo
Feb. 20 (UPI) -- Personal details of more than 10.6 million customers who stayed at MGM Resort hotels were published online this week, a technology website and security research team reported.
The technology news website ZDNet and researchers from the data breach monitoring service Under the Breach said Wednesday that hackers had dumped the personal details of millions of former hotel guests into an online forum, making them freely available to anyone with access.
Among the data distributed were personal and contact details for celebrities, tech CEOs, reporters, government officials, and employees at some of the world's largest tech companies, the website reported.
MGM Resorts officials later confirmed the breach in an email sent to media outlets, stating, "We are confident that no financial, payment card or password data was involved in this matter. MGM Resorts promptly notified guests potentially impacted by this incident in accordance with applicable state laws."
MGM Resorts is one of the biggest hotel-casino operators in Las Vegas, where its properties include the MGM Grand, the Bellagio, ARIA and the Mandalay Bay Resort.
Among the celebrities whose information appeared in the data dump were Twitter CEO Jack Dorsey; pop star Justin Bieber; and Stephen Paddock, who killed 58 people after opening fire from the 32nd floor of the Mandalay Bay, NBC News reported.
The incident bore resemblances to a 2018 data breach of Marriott International's Starwood guest reservation database, which exposed the personal information of up to 500 million people.
in that case, the hackers accessed people's names, addresses, phone numbers, email addresses, passport numbers, dates of birth, gender, Starwood loyalty program account information, and reservation information. For some, they also stole payment card numbers and expiration dates.