MGM Resorts Stands Firm: Refuses to Pay Ransom Money to Hackers in Accordance with FBI Guidance
Las Vegas, NV — In a bold stance against cybercriminals, MGM Resorts International (NYSE: MGM), one of the world’s leading hospitality and entertainment companies, has announced its refusal to pay any ransom money to hackers who recently targeted its digital infrastructure. The decision aligns with guidance from the Federal Bureau of Investigation (FBI) and underscores MGM’s commitment to cybersecurity and ethical business practices.
The cyberattack, which came to light earlier this week, disrupted several of MGM’s internal systems, including email servers and employee data. The hackers responsible for the breach allegedly demanded a significant ransom payment in exchange for not releasing sensitive information and restoring the affected systems.
MGM Resorts promptly engaged its cybersecurity team and sought assistance from the FBI to investigate the breach and mitigate the impact. In a joint effort with federal authorities, the company conducted a thorough analysis of the attack’s scope and the potential risks associated with paying a ransom.
MGM Resorts’ refusal to meet the hackers’ demands echoes the FBI’s position on ransom payments. The FBI strongly discourages victims of cyberattacks from paying ransoms, as it may encourage further criminal activities and does not guarantee the return of stolen data or the complete restoration of compromised systems.
Bill Hornbuckle, CEO and President of MGM Resorts International
Expressed the company’s unwavering commitment to cybersecurity and its dedication to protecting customer and employee data. He stated, “MGM Resorts takes the security and privacy of our guests, employees, and partners very seriously. We will not negotiate with criminals, and we will not compromise on our cybersecurity principles.”
Hornbuckle further emphasized that MGM Resorts is working diligently to strengthen its cybersecurity measures and fortify its digital defenses against future threats. The company is collaborating with leading cybersecurity experts to ensure the highest level of protection for its systems and data.
The decision to resist ransom demands sends a clear message that MGM Resorts is committed to ethical practices and will not engage in transactions that support criminal activities. By taking this stance, the company aims to deter cybercriminals and protect its stakeholders from potential harm.
The cyberattack on MGM Resorts serves as a stark reminder of the growing threat posed by cybercriminals to businesses worldwide. As organizations continue to face evolving cybersecurity challenges, taking a proactive and principled approach becomes paramount to safeguarding sensitive information and maintaining the integrity of digital infrastructure.
MGM Resorts’ refusal to pay ransom money stands as a testament to its dedication to cybersecurity best practices and its unwavering commitment to the well-being of its employees, customers, and partners. As investigations into the breach continue, the company remains focused on strengthening its defenses and preventing future cyber threats.
Las Vegas, NV — MGM Resorts International has made headlines by steadfastly refusing to meet the ransom demands of hackers who targeted the company in a cyberattack detected on September 10. This decision is in line with guidance from the Federal Bureau of Investigation (FBI) and underscores MGM’s commitment to cybersecurity and ethical business practices.
The cyberattack, which caused significant disruption to MGM Resorts’ operations across the United States, is estimated to have resulted in damages totaling approximately $100 million, as reported by The Wall Street Journal.
MGM Resorts acted swiftly following the cyber intrusion, which impacted various aspects of its operations, including disruptions to slot machines, interruptions in online hotel bookings, and interference with other online systems. Despite the significant financial losses incurred, the company refused to negotiate with the hackers, opting to follow the FBI’s advice against ransom payments.
The FBI strongly discourages victims of cyberattacks from paying ransoms, citing concerns that doing so may not guarantee the recovery of stolen data or the restoration of compromised systems. Furthermore, paying ransoms can inadvertently incentivize cybercriminals and lead to further illegal activities.
MGM Resorts’ decision to stand firm against ransom demands highlights its commitment to cybersecurity best practices and ethical conduct in the face of adversity. The company remains dedicated to protecting the interests of its customers, employees, and partners, even in challenging circumstances.
Efforts to mitigate the impact of the cyberattack and restore normal operations were successful, with the company’s systems back online. Guest-facing operations, which had to be temporarily conducted manually during the disruption, have also been fully restored.
While MGM Resorts may face significant financial losses due to the cyberattack, the company plans to utilize its insurance policy to cover these damages, ensuring the integrity of its annual performance. Bill Hornbuckle, CEO and President of MGM Resorts International, reassured customers that their bank and payment card data remained secure throughout the incident.
However, the hackers did manage to access information belonging to customers who had conducted business with MGM Resorts prior to March 2019. This data included names, addresses, driver’s license details, and other personal information. In response, MGM Resorts expressed regret for the incident and issued a sincere apology to those affected, emphasizing the paramount importance of customer trust.
The company has also committed to reaching out to customers impacted by the breach. In taking these steps, MGM Resorts demonstrates its commitment to transparency, responsibility, and maintaining the trust of its valued customers.
While the cyberattack on MGM Resorts resulted in significant financial losses and the compromise of some customer data, the company’s principled stance against paying hackers’ ransoms underscores its unwavering commitment to cybersecurity and ethical business practices. In an increasingly digital world, such principled actions serve as a model for organizations facing cybersecurity challenges.
Customer Data Breach and Firm Response
Las Vegas, NV — MGM Resorts International revealed that the recent cyberattack on the company led to the unauthorized access of customer data, including names, phone numbers, addresses, dates of birth, and driver’s license numbers of individuals who had conducted business with MGM prior to March 2019. In a letter addressed to affected customers, CEO Bill Hornbuckle also disclosed that some guests’ social security and passport numbers were among the compromised information.
The cyberattack, detected in September, caused significant disruptions to MGM Resorts’ operations and incurred substantial financial losses. The company’s swift response, which included not paying a ransom to the hackers, was guided by the Federal Bureau of Investigation (FBI), which advises against making ransom payments to cybercriminals. This principled stance aligns with the FBI’s recommendations and aims to discourage future illegal activities by hackers.
Despite the disruptions caused by the cyberattack, MGM Resorts did not compromise its ethical standards and prioritized the security and trust of its customers. While the breach resulted in the theft of customer data, the company confirmed that no bank account or credit card numbers were stolen, thanks to its prompt response to the breach. The company has expressed deep regret for the incident and issued a sincere apology to those affected.
The cyberattack had a significant impact on MGM Resorts’ operations, with various disruptions reported, including slot machines going offline, elevator outages in MGM-operated hotels, hotel room key malfunctions, inoperable hotel phones, and a temporary crash of MGM’s official website.
MGM Resorts incurred costs associated with mitigating the effects of the cyberattack, including expenses for remedial technology consulting, legal counsel, and advisory services. These costs, which amounted to less than $10 million, demonstrate the company’s commitment to addressing the incident’s aftermath.
MGM Resorts remains focused on safeguarding the interests of its customers, employees, and partners. The company’s unwavering dedication to cybersecurity and ethical business practices sets an example for organizations facing similar challenges in today’s digital landscape. As the world continues to grapple with cyber threats, MGM Resorts’ principled response serves as a testament to the importance of prioritizing security, transparency, and trust in the face of adversity.
Conclusion
MGM Resorts’ resolute decision to refuse paying ransom money to hackers, despite the significant disruptions and financial losses incurred during a recent cyberattack, underscores the company’s commitment to ethical principles and cybersecurity. By aligning with the Federal Bureau of Investigation’s guidance against making ransom payments, MGM Resorts has demonstrated its dedication to discouraging cybercriminal activities and protecting the trust and security of its customers.
The cyberattack, which exposed customer data, including personal information and identification details, prompted a swift and comprehensive response from MGM Resorts. The company’s CEO, Bill Hornbuckle, provided transparency by openly acknowledging the breach, detailing the compromised data, and assuring customers that no bank account or credit card information was stolen due to the rapid response.
MGM Resorts’ decision to prioritize cybersecurity and customer trust over ransom payments sets a valuable example for other organizations facing similar challenges in an increasingly digital world. By adhering to FBI guidance and refusing to reward hackers, the company reinforces the importance of ethical conduct and security measures in today’s evolving cybersecurity landscape.
As cyber threats continue to evolve, organizations must remain vigilant in their efforts to protect sensitive data and uphold the trust of their stakeholders. MGM Resorts’ unwavering stance serves as a reminder that ethical principles, transparency, and cybersecurity are essential components of maintaining trust and integrity in the face of cyberattacks.