MGM Resorts outage continues as FBI launches investigation

MGM is still suffering from a cyberattack

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

A cyberattack attributed to hacker group Scattered Spider has caused an outage across MGM Resorts International’s computer systems, affecting some casino and hotel computer systems including the company’s website.

An error message on the website reads: “The MGM Resorts website is currently unavailable. We apologize for the inconvenience.” Users are instead directed to mobile applications and third-party services to access certain parts of the company’s offerings.

The “cybersecurity issue,” which has been ongoing since September 11, remains under investigation with even the FBI stepping in.

Major MGM outage being investigated

The FBI confirmed on September 13 that it had started investigating the incident (viaReuters), while MGM posted toXearlier this week: “Our investigation is ongoing and we are working diligently to determine the nature and scope of the matter.”

MGM’s website is currently directing restaurant customers to make reservations via its app, and for resident artist, production show, or attraction bookings to be made via Ticketmaster. Customers seeking UFC, Las Vegas Aces, Vegas Golden Knights, and Arena-based concert events are being told to use AXS.

Mandiant Intelligence’s CTO, Charles Carmakal, spoke onLinkedInabout the group, also known as UNC3944, calling it “one of the most prevalent and aggressive threat actors impacting organizations in the United States today.”

Carmakal said the cybersecurity company would publish more details about the group soon.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

In the meantime,Reutersreferred to a previous Crowdstrike blog post offering insight into the group’s activity: “Identified by analysts last year, this group uses social engineering to lure users into giving up their login credentials or one-time-password (OTP) codes to bypass multi-factor authentication.”

More broadly, aBloombergreport citing four people familiar with the matter stated that the same group was responsible for a Caesars Entertainment Inc. breach just a few weeks ago. Anotherarticlesuggests that Caesars paid “tens of millions” to the hackers responsible and has plans to “disclose the cyberattack in a regulatory filing imminently.”

More from TechRadar Pro

With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

NYT Strands today — hints, answers and spangram for Sunday, November 10 (game #252)