Hotel and gaming company MGM Resorts is grappling with a cybersecurity issue that has caused an outage across its properties.
“Our investigation is ongoing, and we are working diligently to determine the nature and scope of the matter,” the company said in a Monday (Sept. 11) post on X, formerly Twitter.
— MGM Resorts (@MGMResortsIntl) September 11, 2023
MGM Resorts added in the post that it is investigating the issue with assistance from leading external cybersecurity experts.
“We also notified law enforcement and took prompt action to protect our systems and data, including shutting down certain systems,” the company said in the post.
The incident has affected various systems, TechCrunch reported Monday.
Guests at MGM’s Las Vegas casinos have reported that ATM cash dispensers and slot machines have been affected, leading to outages, according to the report. Additionally, hotel restaurants are only accepting cash payments, and guests are unable to charge expenses to their rooms. The incident has also rendered digital room keys unusable.
MGM Resorts website was unavailable Monday afternoon and instead showed only a page apologizing for the inconvenience and listing phone numbers for 19 of the company’s properties.
The cybersecurity issue appears to have affected all of MGM Resorts’ Las Vegas properties, including well-known establishments such as Aria, the Bellagio, Luxor, MGM Grand and Mandalay Bay, TechCrunch reported. The incident has also impacted MGM’s properties outside of Las Vegas, with websites for regional resorts, including MGM Springfield, MGM National Harbor and the Empire City Casino, being offline Monday afternoon.
Specific details regarding the cyberattack, including the nature of the breach and whether any data has been exfiltrated, remain unknown, per the report. MGM Resorts has not said when its computer systems are expected to be fully restored.
This is not the first time MGM Resorts has faced a significant cybersecurity incident. Last year, the company experienced a data breach that resulted in the personal information of over 140 million guests being shared on Telegram, according to the report.
In 2020, following a report saying information on 10.6 million guests was compromised, the company admitted it had experienced a data breach in the summer of 2019.