A cybersecurity problem that affected several of MGM Resorts International's systems, including its primary website, online bookings, and in-casino services including ATMs, slot machines, and credit card machines, was revealed today.

MGM Resorts sent a statement on its profile page on X (formerly known as Twitter) stating that it has "recently identified a cybersecurity issue affecting some of the Company's systems."

The business claims that as soon as it became aware of the problem, it launched an investigation and "took prompt action to protect our systems and data, including shutting down some systems."

The computers in the resorts are currently down, and it appears that the outage began on Sunday night.

Online reports state that the business resorted to manual operations, which had an impact on the properties' ATMs and credit card terminals.

Currently, clients can make hotel reservations "at any of our destinations" via the phone, according to a message on the main MGM Resorts website, which is also down.

Customers of MGM Rewards are also impacted and are advised to phone a Member Services number from 6 AM to 11 PM, Pacific time.

All MGM websites with the mgmresorts.com domain name have been unavailable for several hours. Inspecting a few of them, BleepingComputer found that MGM National Harbor, Empire City Casino, MGM Springfield, MGM Grand Detroit, Beau Rivage, and The Borgata all displayed the same message directing guests to call a number.

You can reach us in confidence via Signal at 646-961-3731 if you have any information on this attack or other attacks.

Some visitors reportedly complained that their room keys weren't working to FOX5.

The slot machines are not operating and are instead showing a notice saying that they are momentarily offline, according to local Las Vegas media outlet Vital Vegas.

The MGM Rewards app is no longer functional, as reported by BleepingComputer, who suggests users go to the front desk for assistance. Other MGM apps, such MGM+ and the MGM sportsbook, are unaffected by the incident.

The specifics of the cybersecurity breach have not been made public, and the goal of the attacker is still a mystery.

Since a cloud service used by the corporation was compromised in 2019 and more than 10 million user records were stolen, MGM Resorts has now verified two cybersecurity incidents.

After a hacker forum allowed the open sharing of an archive containing stolen data, including visitors' names, dates of birth, email addresses, phone numbers, and physical addresses, the business acknowledged the incident in 2020.

source: BleepingComputer