MGM Resorts Reaches Settlement After Major Data Breach Exposes Millions of Customer Records

MGM Resorts, a leading hotel and casino operator, has reached a significant settlement of $45 million to resolve multiple class-action lawsuits stemming from two major cyberattacks that compromised personal data belonging to millions of customers. This decision, made on January 21, has garnered attention as it highlights the growing concerns surrounding data security in the hospitality industry.

Details of the Settlement

The settlement was documented in a recent court filing and is awaiting approval from a Las Vegas federal court, with a ruling expected on June 18. This agreement is particularly noteworthy given the scale of the data breaches that MGM Resorts experienced in both 2019 and 2023.

Overview of the Data Breaches

• 2019 Cyberattack: Hackers infiltrated MGM’s systems, stealing sensitive customer information including names, home addresses, and phone numbers. This breach was confirmed by MGM in 2020 after a portion of the stolen data was leaked on a prominent cybercrime forum.
• 2023 Ransomware Attack: A more severe incident occurred, causing extensive operational disruptions across several MGM properties, such as the Bellagio, Aria, and Cosmopolitan. This attack not only led to system outages but also resulted in the theft of personal information, including Social Security and passport numbers. The financial impact of this incident exceeded $100 million in damages for MGM.

Impact on Customers

Legal representatives for the class action plaintiffs indicated that the two breaches collectively affected over 37 million customers of MGM Resorts. Despite the scale of the incidents, MGM has not disclosed the exact number of individuals impacted. MGM spokesperson Brian Ahern has not provided comments regarding this issue to TechCrunch.

Distribution of the Settlement Fund

The $45 million settlement will allocate approximately 30% of the total amount towards attorney fees. Class action participants may receive up to $75 each, depending on the nature of the personal information that was compromised.

Protecting Your Personal Information

As cyberattacks continue to rise, it is vital for consumers to stay vigilant. Here are a few tips to help safeguard personal information:

1. Regularly monitor your financial accounts for suspicious activity.
2. Utilize strong, unique passwords for different accounts.
3. Enable two-factor authentication wherever possible.
4. Stay informed about data breaches affecting companies you use.

For more information on data protection and cybersecurity, consider visiting Cybersecurity & Infrastructure Security Agency.

As the situation develops, MGM Resorts aims to bolster its security measures to prevent future breaches and protect the sensitive information of its customers. Stay tuned for updates regarding the court’s decision on the settlement.