Lawsuit Filed Against MGM Resorts For Data Hacking Breach

MGM Resorts Hacked
  • A lawsuit is being filed against MGM Resorts for a cybersecurity breach.
  • Other big-name hotels were affected by this breach last year.
  • The hack took place in July 2019.

LAS VEGAS - MGM Resorts is being sued by John Smallman, a former guest of one of the MGM hotels, for a security breach that has affected over 10 million people.

The breach took place in 2019. The reason for the lawsuit is because Smallman is blaming the company for not knowing that that they were getting hacked despite the amount of security they have.

The lawsuit has online casino users as well as land-based casino goers worried about handing over their financial information to major casino companies.

Security Breach

“Unfortunately, the miscreants that took and/or acquired the sensitive PII had other plans, and on February 19, 2020, internet technology publication ZDNet revealed that the personally identifiable information of more than 10.6 million MGM hotel guests had been posted on a hacking forum available for misuse by a host of bad actors,” according to the lawsuit.

The hackers infiltrated the security systems at MGM Resorts on July 7, 2019. They stole information from 10.6 million guests that have stayed at these hotels. The information that was taken were:

  • Full Names
  • Full Addresses
  • Phone Numbers
  • Emails
  • Date Of Birth

The company does not believe that payment information was taken from the cyber-attack.

“Last summer, we discovered unauthorized access to a cloud server that contained a limited amount of information for certain previous guests of MGM Resorts—we are confident that no financial, payment card or password data was involved in this matter,” MGM Resorts told ZDNet.

The guests that were affected by the security hack were not made aware of the situation until September 5th, 2019.

Hotels Affected

Legal gambling venues aren’t the only victims of hacking. The Bellagio and the Mirage are amongst the hotels that were attacked during last year's breach. Since hotels and gaming companies require large amounts of information, this makes them a prime target for hackers since they have acquired all of this information.

In the past, Hilton, Hyatt and Trump hotels were affected as well. This past decade, the Marriot Starwood brand experienced the largest data breach of the decade where 383 million records were stolen.

The Federal Trade Commission’s guidelines do have standards for companies to keep up with, with one of those being successfully safeguarding customer data.

“At all relevant times, MGM knew, or reasonably have known, of the importance of safeguarding PII and of the foreseeable consequences if its data security systems were breached, including, the significant costs that would be imposed on customers as a result of a breach,” according to the lawsuit.