MGM is down, cybersecurity attack ongoing

bsimpson 2 years ago |

Title should be "MGM Resorts Suffers Cybersecurity Attack, System Outage" (following HN norms), or at least include "Resorts." MGM Resorts was spun out of the movie studio in like the 70s.

basch 2 years ago | |

MGM is basically a defunct rights holding company. It’s made 5 movies in the last decade, including 2 Addams Family, 2 Max (dog movies), and a GI Joe, and the Addams Family movies were really Made by Universal. It’s also a name slapped on some other streaming app.

If I heard the name referring to a current company, I would think hotels/casinos/sportsbooks first. That said, the title could still be better.

aquova 2 years ago | | |

I don't really know where you're getting this number. By my count they've made about three dozen films this decade, including a James Bond film and Creed III.

basch 2 years ago | | |

Youre right that my list is wrong.

Downside to HN not having editing and deleting, is I cant retract my misinformation. And I earned 7 votes for that nonsense. :/

downrightmike 2 years ago | | |

Further proof: They have StarGate and aren't doing jack with that at all.

system2 2 years ago | | |

While Star Trek releasing new series every year including cartoons, Stargate didn't release anything. It has so much potential and large fanbase (myself included).

dharmab 2 years ago | | |

There's a new Stargate series in development. There's promotional stuff happening at /r/stargate

RC_ITR 2 years ago | | |

Amazon literally just bought them for $8bn

https://variety.com/2022/tv/news/amazon-mgm-merger-close-123...

bettercallsalad 2 years ago | | |

Did not Amazon at some point buy or thought about buying up some of their business?

BryantD 2 years ago | | |

Yep. Amazon bought MGM Holdings in March, 2022. The studio is the only meaningful portion of that.

They’re no longer considered a major U.S. studio but they release 8-10 films a year.

babyshake 2 years ago | | |

Yes, because I remember thinking that we would eventually be getting a bloated James Bond extended universe of shows (like Star Wars and Marvel) because of it.

sschueller 2 years ago | |

Agreed, I thought it had something to do with the on going actors and writers guilds strike.

dylan604 2 years ago | | |

I thought maybe it was hacking to get content. So at least the title instilled a bit of curiosity even if it wasn't the story I had imagined from just the headline

netsharc 2 years ago |

Ocean's 0x11? I wonder if it's just an attack against their email servers or a bigger one, how networked are their operations? If we believe the urban legends about how casinos operate, there's probably interesting conversations a cyber-attacker could find.

mickdarling 2 years ago | |

I was disturbed to hear from people first hand in Vegas saying it was making the ATMs inoperable. No details on how inoperable, like if it is just certain banking features or everything. The ATMs should not be effected in the same kind of attack that would take down the website and booking systems. Those should all be separate.

plasticsoprano 2 years ago | | |

Casino floor ATMs aren't just ATMs. They are also ticket redemption machines and therefore have to connect to the MGM network to redeem. I'd imagine the whole machine shutdown for security reasons if network connection is lost.

mickdarling 2 years ago | | |

Yes, I think that MGM has actively shut everything down, rather than some massive hack that has effected all these separate systems.

Best guess is that with the F1 races coming soon with what is expected to be the largest cashflow through Vegas ever, that MGM Resorts IT found issues in an audit in preparation for that massive event, found anomalies, and pulled the rip cord to shut everything down till they could sort out what systems were actually hit.

That is materially different than a massive hack effecting all these various systems though.

plasticsoprano 2 years ago | | |

MGM has acknowledged it's an attack [1] and certain vegas gossip sites have stated that Caesars was hit last hit last week but was able to keep it better under wraps.

1. https://www.reviewjournal.com/business/casinos-gaming/mgm-re...

mickdarling 2 years ago | | |

Right, they say almost exactly what I said above.

"MGM Resorts recently identified a cybersecurity issue affecting some of the Company’s systems. Promptly after detecting the issue, we quickly began an investigation with assistance from leading external cybersecurity experts,”

"We also notified law enforcement and took prompt action to protect our systems and data, including shutting down certain systems."

The systems are down due to MGM shutting them down, not the active attack shutting things down.

imglorp 2 years ago | | |

While there's something to be said for ransomware targeting casinos, "because that's where the money is," that might also attract the wrong attention, and not all from the government. They might wish it was only from the government.

https://www.politico.com/news/2022/01/14/russia-colonial-pip...

wolverine876 2 years ago | | |

> Best guess is that with the F1 races coming soon with what is expected to be the largest cashflow through Vegas ever, that MGM Resorts IT found issues in an audit in preparation for that massive event, found anomalies, and pulled the rip cord to shut everything down till they could sort out what systems were actually hit.

That is quite a guess!

dboreham 2 years ago | | |

Possibly the ATMs get network connectivity via a path that has either been affected by the attack directly or shut down as a precaution.

wintogreen74 2 years ago | | |

I don't believe these are typical bank ATMs but specific to MGM that manage all the casino games (ex: pay-outs, loyalty, etc) as well, so would be tied into any MGM systems.

IAmGraydon 2 years ago | | |

It’s entirely possible that these systems were hacked separately.

lucisferre 2 years ago | |

I think you meant 0x0B.

_joel 2 years ago | | |

beat me to it, unless I've missed a few movies since!

petemir 2 years ago | | |

Actually it would be 0x0E, 0x0B, 0x0C, and 0x0D already happened.

jjkaczor 2 years ago | |

Very networked - but their email servers are now likely cloud-based SaaS.

zie 2 years ago | | |

;; ANSWER SECTION: mgmresorts.com. 300 IN MX 10 mgmresorts-com.mail.protection.outlook.com.

Outlook handles their email.

mixdup 2 years ago | |

almost certainly just a random/typical ransomware attack, not a specific target at them because they're a casino

abathur 2 years ago |

Take w/ requisite salt, but per Daily Mail [1]:

> Thousands of guests at MGM Resorts in the Las Vegas strip have been locked out of their hotel rooms after the company was hit with a cyber attack, according to reports.

> MGM Resorts International has about 48,000 rooms on The Strip. The company's properties include Mandalay Bay, the Bellagio, Luxor and MGM Grand, among others.

> The outage, first detected on Sunday night, has affected company emails, reservations, booking, room keys and casino slot machines.

[1]: https://www.dailymail.co.uk/news/article-12505921/MGM-Resort...

dafelst 2 years ago |

I was at the Park MGM is Las Vegas yesterday and was unable to use the app or the automated checkout kiosks, though aside from the front desk being more busy than usual during checkin and checkout, nothing in particular seemed amiss.

codex_irl 2 years ago |

tpmx 2 years ago |

I'm currently rewatching the Las Vegas (2003) NBC TV series (the one with James Caan, Josh Duhamel, James Lesure, Molly Sims, Nikki Cox, Vanessa Marcil etc). Feels on-brand; like every second ep is about some fantastic heist.

It's worth rewatching as a guilty pleasure, IMO. Feels quite alien compared to current fare. It's dumb but well-crafted, fun and glitzy and never takes itself too seriously. I miss that kind of show.

Surprisingly high production values for the time. It's available in 1080p with decent quality, somehow.

photonthug 2 years ago |

Maybe most of the LED displays are run by the same IT department. So if I were an evil genius, this latest attack would be only the first salvo of bewildering hijinks perpetrated in the service of a multistep heist. The ultimate goal: rickroll the entire city after hijacking The Sphere ( https://www.youtube.com/watch?v=sLCeYV0SV8k&ab_channel=Billi... )

tilne 2 years ago | |

How many people would you need for such an elaborate, multi-step heist? Especially wondering because, given your reputation, I’m assuming you would need a to be more of a puppet master than an active participant.

RyanAdamas 2 years ago |

Does somebody have a magnetron?

karaterobot 2 years ago |

The linked article is down, here's an archive https://web.archive.org/web/20230911174437/https://www.casin...

Though the article itself says details are scant, so it's just going to be speculation. I'd love to know what happened though.

Animats 2 years ago |

Almost all news available is an echo of the press release. Not much real info.

nhggfu 2 years ago |

lots of igaming hacks of late.

other notables: Australia's crown resorts was hacked a while back (March 2023) https://gamblingindustrynews.com/news/australia/crown-potent...

Last week stake.com was hacked https://gamblingindustrynews.com/news/technology/stake-com-4... (apparently by Lazarus group according to FBI https://www.fbi.gov/news/press-releases/fbi-identifies-lazar... )

tunnuz 2 years ago |

Makes me think of the Sony hack by the Lazarus Group.

nosmokewhereiam 2 years ago | |

Allegedly due to the release of a movie. I'd assume this MGM resort is extortion/DOS.

...which doesn't eliminate them. Recent visits and timing would be impeccable.

Every day they are down is $$$$$$

hnburnsy 2 years ago |

Rumors that Ceasars was hit last week...

https://www.casino.org/vitalvegas/mgm-resorts-receives-colos...

VFIT7CTO77TOC 2 years ago |

Reminds me of https://money.cnn.com/2015/02/27/technology/security/iran-ha...

monksy 2 years ago |

This is the same group that brought in face recognition, and needlessly detailed data keeping on every customer and we're expected to trust them .. right?

bigbillheck 2 years ago |

If they're going to shut something down, better a casino than anywhere else.

allenrb 2 years ago | |

Was just coming here to say it: And nothing of value was lost.

andy800 2 years ago | | |

Your opinion is valid, however I'm currently on a plane heading there, likely a third of the passengers won't be able to check into their hotel. Same with dozens of planes. Kinda sucks for them.

dylanz 2 years ago | | |

I live in Vegas and it also sucks for all the local MGM employees that are getting called in to have to deal it. That said, I hope things get figured out and your trip goes well!

andy800 2 years ago | | |

I'll be fine, thanks. The context from allenrb is that casinos have no value to society, so that eliminating them (and therefore all the related jobs) is not a loss to anyone. That includes the employees you are referring to in your comment, and without much regard for the people heading there for a vacation.

allenrb 2 years ago | | |

That will suck for sure. Hopefully they’ll be handing out some form of compensatory goodies to make up for it a bit.