Macau’s gaming operators have recently been put on alert after several US gaming companies were targeted by hackers.
According to sources close to Macau’s gaming operators, the city’s gaming companies have conducted internal security checks to prevent the exploitation of cybersecurity vulnerabilities.
One source told AGB that Sands China had instructed the marketing team to change their social media passwords, especially those that had been shared with collaborators.
MGM China also conducted a cybersecurity system check to reduce the risk of cyberattacks. Another source confirmed that casinos operated by MGM China had not been affected by a recent cybersecurity incident involving its parent company. The cybersecurity insider points out that gaming operators in Macau have highly mature systems to prevent hacker attacks, and daily security checks are also conducted at very high levels.
The Macau Cybersecurity Law (MCSL) came into effect on December 21st, 2019. The law was established to mitigate threats to computer networks and critical infrastructures essential to Macau. It requires companies operating in 12 vital industry sectors to enforce protective measures.
The insider notes that since the implementation of the Cybersecurity Law, Macau’s overall cybersecurity has improved significantly.
A recent cybersecurity incident led to the shutdown of some computer systems at MGM Resorts International properties across the United States. MGM Resorts is the controlling shareholder of MGM China.
The cyberattack occurred on a Sunday. According to reports, a hacking group called Scattered Spider is believed to be responsible for the incident, prompting a probe by US law enforcement officials.
Days after MGM Resorts suffered cyberattacks, another American gaming operator, Caesars Entertainment, reported that hackers had stolen a substantial amount of customer data in a recent cyberattack.
The hotel and casino giant reportedly paid tens of millions in ransom after the hackers obtained driver’s license numbers and Social Security numbers from a company database.
The cause and full impact of the breaches remain unclear.
