MGM Hack Exposes Personal Data of Over 10 Million Hotel Guests: Report

By Indo-Asian News Service | Updated: 20 February 2020 13:24 IST

MGM has confirmed the data breach

Highlights

Hackers compromised personal data of more than 10.6 million users
Details include full names, home addresses, phone numbers
The guests include Twitter CEO Jack Dorsey, pop star Justin Bieber

Hackers compromised personal data of more than 10.6 million users -- celebrities, tech CEOs and employees, reporters and government officials -- who stayed at the MGM Resorts hotels in Las Vegas last summer, and dumped the data online on a hacking forum. The leaked personal details include full names, home addresses, phone numbers, emails and dates of birth of high-profile guests, including Twitter CEO Jack Dorsey, pop star Justin Bieber and officials from the Department of Homeland Security (DHS) and the Transportation Security Administration (TSA), ZDNet reported on Thursday.

MGM Resorts hotels include Bellagio, Aria, MGM Grand, Mandalay Bay, Park MGM, Mirage, Luxor and Excalibur in Las Vegas and almost all of these are booked round the year for conferences, mostly related to technology.

ZDNet verified the authenticity of the data with MGM Resorts and it confirmed the incident occurred last year and affected guests were informed.

"We got confirmation from international business travellers, reporters attending tech conferences, CEOs attending business meetings, and government officials travelling to Las Vegas branches," said the report.

An MGM spokesperson confirmed the data breach.

"Last summer, we discovered unauthorised access to a cloud server that contained a limited amount of information for certain previous guests of MGM Resorts. We are confident that no financial, payment card or password data was involved in this matter,' the spokesperson was quoted as saying.

MGM Resorts hired two cybersecurity forensics firms to conduct an internal investigation into last year's server exposure.

According to the hotel chain, it notified all impacted hotel guests in accordance with applicable state laws.

The leaked data is a treasure trove for contact details for many high-profile users, working for big tech firms and governments all over the world.

According to the report, these users are at a higher risk of receiving spear-phishing emails, and being SIM swapped.

In total, the MGM data dump contains personal details for 10,683,188 former hotel guests.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.