Casino Operators Caesars and MGM Still Reeling From Cyber Attacks
Caesars confirms breach of its loyalty program database; MGM website and operations at many properties remain down.
Joey Solitro
You are now subscribed
Your newsletter sign-up was successful
Want to add more newsletters?
Delivered daily
Kiplinger Today
Profit and prosper with the best of Kiplinger's advice on investing, taxes, retirement, personal finance and much more delivered daily. Smart money moves start here.
Sent five days a week
Kiplinger A Step Ahead
Get practical help to make better financial decisions in your everyday life, from spending to savings on top deals.
Delivered daily
Kiplinger Closing Bell
Get today's biggest financial and investing headlines delivered to your inbox every day the U.S. stock market is open.
Sent twice a week
Kiplinger Adviser Intel
Financial pros across the country share best practices and fresh tactics to preserve and grow your wealth.
Delivered weekly
Kiplinger Tax Tips
Trim your federal and state tax bills with practical tax-planning and tax-cutting strategies.
Sent twice a week
Kiplinger Retirement Tips
Your twice-a-week guide to planning and enjoying a financially secure and richly rewarding retirement
Sent bimonthly.
Kiplinger Adviser Angle
Insights for advisers, wealth managers and other financial professionals.
Sent twice a week
Kiplinger Investing Weekly
Your twice-a-week roundup of promising stocks, funds, companies and industries you should consider, ones you should avoid, and why.
Sent weekly for six weeks
Kiplinger Invest for Retirement
Your step-by-step six-part series on how to invest for retirement, from devising a successful strategy to exactly which investments to choose.
Casino operators Caesars Entertainment and MGM Resorts are working with law enforcement investigators as they continue to grapple with the impact of recent separate cyber attacks.
The cybersecurity breaches were reported within days of each other and follow several other high-profile cyber attacks in several industries. These include hacks of a third-party database serving Johnson & Johnson’s Janssen CarePath; a data file sharing service that affected millions including recipients of Medicare; and of a cloud-storage environment related to online password management service LastPass.
In a Sept. 14 Securities and Exchange Commission (SEC) filing, Caesars said that it is still investigating the scope of the breach but that on Sept. 7 an unauthorized actor acquired a copy of its loyalty program database, including information such as driver’s license numbers and/or social security numbers for a “significant number” of members.
From just $107.88 $24.99 for Kiplinger Personal Finance
Become a smarter, better informed investor. Subscribe from just $107.88 $24.99, plus get up to 4 Special Issues
Sign up for Kiplinger’s Free Newsletters
Profit and prosper with the best of expert advice on investing, taxes, retirement, personal finance and more - straight to your e-mail.
Profit and prosper with the best of expert advice - straight to your e-mail.
“We have no evidence to date that any member passwords/PINs, bank account information or payment card information were acquired by the unauthorized actor,” Caesar said in the filing. The company said it will notify those affected by the breach on a rolling basis in the coming weeks.
The company said it recently identified suspicious activity in its information technology (IT) network resulting from a social engineering attack on an outsourced IT support vendor that it used. Caesars said its customer-facing operations including physical properties and online and mobile gaming applications were affected by the breach but that they continue without disruption.
Certain MGM properties closed following attack
At MGM, meanwhile, certain systems at properties nationwide remain shuttered following a cyber attack publicly revealed on Sept. 12. In a statement, the casino operator said it is taking steps to protect its systems and data including shutting down certain systems.
MGM’s shut down included its reservation systems, booking systems, hotel electronic key card systems and the casino floors, according to a CNBC report.
“We continue to work diligently to resolve our cybersecurity issue while addressing individual guest needs promptly,” MGM posted on X.com on Sept. 14.
The MGMResorts.com website was a static webpage as of noon on Sept. 14, but it directed users to download the MGM Rewards app for restaurant options and reservations; to visit Ticketmaster.com to reserve a show or attraction; or visit AXS.com to buy tickets for UFC, Las Vegas Aces, Vegas Golden Knights or concerts.
MGM also said it is waiving change and cancellation fees for hotel reservations for those arriving Sept. 13-17.
Caesars is offering free credit monitoring and identity theft protection services to all loyalty program members. To sign up, call (888) 652-1580 Monday through Friday except on holidays.
Caesars also set up a website to address frequently asked questions about the incident.
RELATED CONTENT
-
How Much It Costs to Host a Super Bowl Party in 2026Hosting a Super Bowl party in 2026 could cost you. Here's a breakdown of food, drink and entertainment costs — plus ways to save.
-
3 Reasons to Use a 5-Year CD As You Approach RetirementA five-year CD can help you reach other milestones as you approach retirement.
-
Your Adult Kids Are Doing Fine. Is It Time To Spend Some of Their Inheritance?If your kids are successful, do they need an inheritance? Ask yourself these four questions before passing down another dollar.
