MGM Security Breach Exposes Personal Information of More Than 10 Million Guests

MGM Security Breach Exposes Personal Information of More Than 10 Million Guests

  • Personal details of over 10.6 million guests who stayed at MGM hotels have been published on a hacking forum this week
  • According to MGM, the hack mostly exposed contact information - names, addresses, and passport numbers
  • Twitter Founder Jack Dorsey and Justin Bieber were among the impacted ones

Personal information of more than 10.6 million guests who stayed at MGM Resorts hotels have been posted on a hacking forum.

News website ZDNet was the first to report the incident on Wednesday, saying the stolen details were published on a hacking forum this week. MGM confirmed that the hack happened.

The breach happened last summer, but went under the radar quickly until the hacking forum brought it to everyone’s attention again.

The hack mostly exposed such information as names, address, and passport numbers of guests who stayed at MGM. Twitter founder Jack Dorsey and Justin Bieber were among the targeted ones, but also tourists, reporters, and FBI agents.

According to MGM’s statement, no financial information has been disclosed.

The hospitality company said it couldn’t determine the exact number of affected people because the details that were revealed might have been duplicated.

“Last summer, we discovered unauthorized access to a cloud server that contained a limited amount of information for certain previous guests of MGM Resorts. We are confident that no financial, payment card or password data was involved in this matter,” a spokesperson for MGM Resorts said.

MGM informed around 1,300 former guests whose more delicate information such as passport numbers were revealed on the forum of the said incident.

Another 52,000 guests were notified that less sensitive personal details were exposed. However, this is only a small percentage of those affected.

After the security breach last summer, MGM Resorts hired two cybersecurity forensics companies to carry out an internal investigation, said the resort chain.

“At MGM Resorts, we take our responsibility to protect guest data very seriously, and we have strengthened and enhanced the security of our network to prevent this from happening again,” MGM said.

Security researcher Under the Breach was the company that found the leak and pointed out the highly sensitive nature of the attack.

The exposed information includes contact details of many high-profile individuals, working for big technology companies and governments around the world. These individuals are now exposed to the risk of getting spear-phishing emails, and being SIM swapped, according to Under the Breach.

By Michael Harris
I began trading in my early 20's at a local company and since then have combined my knowledge and love of content to become a news writer. I am passionate about bringing insightful articles to readers and hope to add some value to your portfolios!

Investing is speculative. When investing your capital is at risk. This site is not intended for use in jurisdictions in which the trading or investments described are prohibited and should only be used by such persons and in such ways as are legally permitted. Your investment may not qualify for investor protection in your country or state of residence, so please conduct your own due diligence. This website is free for you to use but we may receive commission from the companies we feature on this site. Click here for more information.