MGM Resorts

A Russian ransomware hacker group, entitled BlackCat, could be behind the MGM Resorts breach which has left the company with issues across its hotel and casino platform for days.

According to reports, the hack comprised a 10-minute phone call using an employee’s name, sourced from LinkedIn and conducted via a call to the Help Desk.

The group has reportedly claimed responsibility for the attack, noting that MGM ‘was defeated by a 10-minute conversation’.

However, MGM does not appear to have met the hackers’ demands.

According to Reuters, the FBI is now investigating the incident but has not provided further details.

In a statement issued on Tuesday, the company acknowledged the breach, noting that it ‘recently identified a cybersecurity issue affecting certain of the Company’s systems’.

It further stated that it promptly ‘began an investigation with assistance from leading external cybersecurity experts. We also notified law enforcement and are taking steps to protect our systems and data, including shutting down certain systems’.

The investigation is ‘ongoing’ and the group says it will ‘continue to implement measures to secure its business operations and take additional steps as appropriate’.

The hack has already disrupted slot operations, hotel reservation systems and even parking, with experts noting that the company is losing money every second that it continues.

While certain parts of MGM Resorts’ websites have come back online, others continue to be non-functional, even as of Thursday morning.

MGM China has stated that it has not been affected by the breach, with all websites and booking services continuing to function as normal.