Over 10 million customer details of people who stayed in the company's hotels have been posted to an online forum including names, addresses and passport numbers.
MGM confirmed the breach but stated they could not say exactly how many people may have been affected because the information could be duplicated.
"Last summer, we discovered unauthorized access to a cloud server that contained a limited amount of information for certain previous guests of MGM Resorts. We are confident that no financial, payment card or password data was involved in this matter," a spokesperson for MGM Resorts said.
High profile figures such as celebrities, CEOs, reporters and government officials who have stayed in MGM resorts are likely to have been affected.
MGM said it was "confident" no financial information had been exposed and that it notified customers of the breach last year.
Approximately 1,300 former guests were told that sensitive information including passport numbers had been revealed and 52,000 customers were informed that less sensitive personal information was exposed, said the BBC.
Hotels included under MGM Resorts in Las Vegas are the Bellagio, Aria, MGM Grand, Mandalay Bay, Park MGM, Mirage, New York New York, Luxor and Excalibur.
However, the company also has resorts in Atlantic City and Detroit.
Hackers can use information to source different credentials such as passwords and usernames and carry out targeted cyber-attacks in the future.
Those who have had information stolen could face a higher risk of receiving spear-phishing emails, and being SIM swapped, Under the Breach told ZDNet.
However, this is not the worst data leak in recent history. The Marriott Hotel data hacking scandal in 2017 still remains the largest personal data breach to date, when over 500 million hotel guests’ personal details were stolen.