MGM Hackers Say They Will Leak Any Stolen Guest Data If Ransom Not Paid

  • ALPHV has released a statement on its website, finally taking responsibility for the attack
  • The group said MGM actually shut down its own systems before the ransomware launched
  • Although uncertain if it has sensitive data, ALPHV said it will leak any if no ransom is paid
Hacker behind computer screen
The hacker group behind the MGM cyberattack has warned it will release sensitive stolen data if no ransom is paid. [Image:]

Hacker group ALPHV has officially taken responsibility for the MGM Resorts International cyberattack in a post to its website, warning that it will launch further attacks and release any sensitive data in its possession if the company does not reach out.

The affiliate of the BlackCat ransomware group said it began infiltrating MGM a week ago, causing the casino giant to shut down its systems on Sunday. This has caused mass disruption ever since, leaving withdrawals inactive, slot machines unusable, and hotel guests unable to check-in.

In fact, ALPHV said it only launched its ransomware attack the following day “after trying to get in touch but failing,” encrypting more than 100 ESXi hypervisors. Since then, the casino giant has supposedly failed to contact the group in any way despite a “victim chat” set up to open a dialogue.

exemplifies the company’s lack of care for its customers

While ALPHV stated it does not know if it has stolen any sensitive data from guests of MGM, it said that if it does not hear from the company it will release all relevant data online. The hackers shared their belief, however, that MGM would not pay the ransom. They said that this – along with alleged insider trading – exemplifies the company’s lack of care for its customers.

“This corporation is riddled with greed, incompetence, and corruption. You believe that this company is concerned with your privacy and well-being while visiting one of their resorts?” the group questioned. “Other lodging options, including casinos, are undoubtedly open and happy to assist you.”

Reports surfaced earlier this week that Caesars Entertainment also suffered an attack by ALPHV only recently. The casino company ultimately paid out millions, although the final amount is unconfirmed. ALPHV demanded $30m in that case.  

VegasSlotsOnline News recently spoke with a cybersecurity expert to get his insight into the MGM attack.

Leave a Reply

Your email address will not be published. Required fields are marked *