Hackers say they stole 6 terabytes of data from casino giants MGM,
Caesars
Send a link to a friend
 [September 15, 2023]
By Zeba Siddiqui
(Reuters) -The Scattered Spider hacking group said on Thursday it took
six terabytes of data from the systems of multi-billion-dollar casino
operators MGM Resorts International and Caesars Entertainment as both
companies probed the breaches.
Speaking to Reuters via the messaging platform Telegram, a
representative for the group said it did not plan to make the data
public, and declined to comment on whether it had asked the companies
for ransom. "If MGM wish to release that information they will. We do
not do that," the person said.
The group's contact was provided to Reuters by a cybersecurity expert
who runs an online repository of malware samples called "vx-underground",
and declined to be named. Caesars and MGM did not respond to requests
for comment on the amount of the data that was breached.
Caesars reported to regulators on Thursday it had found that on Sept. 7
hackers took data on a significant number of its loyalty program
members, including "driver’s license numbers and/or social security
numbers." Earlier, Bloomberg and The Wall Street Journal reported that
Caesars had paid ransom, but Caesars declined a Reuters request for
comment on the matter.
Earlier, MGM said it was working with law enforcement on resolving a "cybersecurity
issue."
Scattered Spider, also known as UNC3944, is one of the most disruptive
hacking outfits in the United States, according to Google's Mandiant
Intelligence.
Several security analysts have drawn attention to the group over the
past year for its effective social engineering tactics. It is known to
reach out to a target an organization's information security teams by
phone, pretending to be an employee needing their password reset.
[to top of second column]
|
An exterior view of Park MGM hotel and casino, after MGM Resorts
shut down some computer systems due to a cyber attack in Las Vegas,
Nevada, U.S., September 13, 2023. REUTERS/Bridget Bennett
"They tend to have most of the information they need before that
call to the helpdesk - that is the last step," said Marc Bleicher, a
security analyst who has conducted forensic investigations into such
hacks before.
Mandiant has linked Scattered Spider to over 100 intrusions in the
last two years at companies ranging from gaming and technology firms
to retailers, telecom and insurance firms, Charles Carmakal, chief
technology officer at Mandiant told Reuters.
The group's members appeared to be scattered across several Western
countries, he added.
Caesars said the breach resulted from a "social engineering attack"
on an IT vendor the company used. It didn't quantify the financial
impact.
Operations at MGM, one of the world's largest casino and hotel
operators, were still disrupted four days after news of the hack
emerged. Social media posts had visuals of slot machines showing
error messages at its Las Vegas casinos.
Some analysts believe Scattered Spider is a subgroup of the ALPHV, a
ransomware hacking outfit that emerged in Nov. 2021, according to
Mandiant.
The FBI said it was investigating the incidents at MGM and Caesars,
and declined further comment.
(Reporting by Zeba Siddiqui in San Francisco, Christopher Bing in
Washington, and Priyamvada C and Abhijith Ganapavaram in Bengaluru;
Editing by Krishna Chandra Eluri and David Gregorio)
[© 2023 Thomson Reuters. All rights
reserved.]This material may not be published,
broadcast, rewritten or redistributed.
Thompson Reuters is solely responsible for this content.
 |
