September cyberattack caused $100M loss for MGM Casino in Las Vegas

Oct. 6 (UPI) -- A cyberattack against the MGM Casino in Las Vegas, Nev., resulted in a financial loss of about $100 million, according to a Securities and Exchange Commission filing Thursday.

The attack, which happened in September, resulted in the exposure of personal information from an undisclosed number of MGM customers, including date of birth, phone numbers, email addresses and postal addresses, along with driver's license numbers.

Some customer's passport numbers, and social security numbers were also obtained via the breach.

"The Company believes that the operational disruption experienced at its affected properties during the month of September will have a negative impact on its third quarter 2023 results, predominately in its Las Vegas operations, and a minimal impact during the fourth quarter," MGM said in the SEC filing, Thursday.

"The types of impacted information varied by individual. At this time the Company does not believe customer passwords, bank account numbers, or payment card information were obtained by the criminal actors."

The breach resulted in slot machines being shut down, key cards malfunctioning, and employees temporarily losing access to their work email accounts.

The company said it has restored customer-facing service and that its insurance will cover the losses incurred.