MGM Resorts cyberattack: How does breach affect Northfield Park?

Eric Marotta, Akron Beacon Journal
·4 min read
1
MGM Northfield Park is open for business following a companywide cybersecurity problem, but is holding on to jackpots, which it said will be paid to winners at a later date.
MGM Northfield Park is open for business following a companywide cybersecurity problem, but is holding on to jackpots, which it said will be paid to winners at a later date.

A cybersecurity issue has affected MGM Resorts International operations, including at Northfield Park. While the company says daily operations have resumed, there appear to be some lingering problems — and questions remain days after the initial disruption.

Unknown is whether any personal information was compromised, as MGM has not directly answered that question.

At Northfield Park, the company has posted a sign saying jackpots "will be held in safekeeping and paid out when possible." Here's what we know.

What caused the problem?

Computers at all MGM Hotels & Casinos properties shut down operations after a cyberattack on its computer systems Sunday left the resort chain vulnerable.

MGM Resorts International is working with external cybersecurity experts to resolve the “cybersecurity issues affecting some of the company’s systems,” according to a statement obtained by USA Today.

The company said Thursday it continues to "work diligently to solve our cybersecurity issue while addressing individual guest needs promptly."

When asked whether any of its customers' personal information was compromised, MGM made the following statement: "Our investigation is ongoing, and we are working diligently to evaluate the scope and nature of the issue. At this time, we do not have additional information available to share."

The FBI said it is assisting with the investigation, the Associated Press reported.

Caesars Entertainment also suffered cyberattack

Just prior to the MGM cyberattack, an "unknown actor" attacked Caesars Entertainment Inc. and managed to obtain personal information of many of its customers.

The Associated Press reports it is not clear who is responsible for the attack on Caesars, whether Caesars paid a ransom to the attacker or whether the same party is believed to have attacked MGM.

However, Caesars on Sept. 7 told the U.S. Securities and Exchange Commission that it discovered the breach followed a "social engineering attack" on one of its outsourced IT support vendors. A social engineering attack basically tricks an individual into giving away access, or information that allows access to a secure system.

"We determined that the unauthorized actor acquired a copy of, among other data, our loyalty program database, which includes driver’s license numbers and/or social security numbers for a significant number of members in the database ... We have no evidence to date that any member passwords/PINs, bank account information, or payment card information (PCI) were acquired by the unauthorized actor," the company stated in SEC filing.

Caesars said it has taken steps to ensure, but could not guarantee, that the unauthorized actor is erasing the data it acquired, but did not describe those steps. The company said it has paid and will continue to pay expenses it did not total to "respond to, remediate and investigate," the breach.

What systems and services were affected?

On Monday night, MGM issued a statement on Twitter: "Our resorts, including dining, entertainment and gaming are currently operational, and continue to deliver the experiences for which MGM is known. Our guests remain able to access their hotel rooms and our Front Desk staff is ready to assist our guests as needed. We appreciate your patience."

However, various guests reported on social media Tuesday that lines for hotel front desks wrap around the lobby, phone lines are down, and slot machines are inoperable.

By Thursday, some check-in problems appear to have been resolved, another guest reported.

MGM Northfield Park in the meantime has posted a sign that says the resort will not immediately pay some jackpots.

What services are still available?

While MGM Northfield Park did not return a message seeking comment, the company's online Frequently Asked Questions page lists the status of some services:

  • Those traveling to MGM hotel resorts outside Northfield can cancel reservations made through Sept. 17 with no penalty. Those charged for the first night of their reservation at the time of booking will have that charge reversed. Mobile Check-In and Digital Keys are currently unavailable. The hotel front desk will issue a physical key to rooms. The company is working to activate its call centers and direct booking through its website and mobile app.

  • The company is processing credit card transactions, but certain unlisted transactions may be quicker to process with cash, the company states.

  • Restaurant reservations can be made online via the website or mobile app or through third party booking websites.

  • No shows have been canceled. Tickets to shows, concerts, and attractions can be booked online via the website or mobile app or through Ticketmaster.com or AXS.com.

Eric Marotta can be reached at emarotta@gannett.com.

This article originally appeared on Akron Beacon Journal: MGM Northfield Park holds jackpots for 'safekeeping' after cyberattack