If you pay attention to Las Vegas news, you already know about the major hack of Caesars Entertainment and MGM Resorts.
- Caesars publicly admitted they were a victim of a ransomware attack and supposedly paid the money to have the thieves delete the data.
- MGM remained hush about the entire event, even as their hotels in Las Vegas operated at a crawl due to the lack of computer access. In the end, MGM never paid the hackers (that we know of) and instead paid $10 million in consultant fees to clean up the mess, losing themselves over $100 million in revenue.
The initial hack happened on September 11, 2023, and today I finally received an email from MGM about what happened and how it affects me.
Attribution: Mikano at the German language Wikipedia
What Happened?
MGM Resorts International recently disclosed that the company identified a cybersecurity issue affecting certain of our systems and that our investigation into the issue was ongoing. On or around September 29, 2023, we determined that an unauthorized third party obtained personal information of some of our customers on September 11, 2023
What Information Was Involved?
The affected information included name, contact information (such as phone number, email address, and postal address), gender, date of birth, and driver’s license number. For a limited number of customers, passport number was also affected. The types of impacted information varied by individual.
We do not believe customer passwords, bank account numbers, or payment card information was affected by this issue.
We’re all accustomed to the everyday hack but this one seems worse than most. For instance, MGM has access to a lot of information you provide to join their loyalty program or stay at their properties. News that identifiable information including name, address, email, DOB and driver’s license numbers are in the wild is bothersome.
Like most companies, MGM is arranging for 1 year of Identity Protection and Credit Monitoring services through Experian IdentityWorks.
We also have arranged with Experian to offer you credit monitoring and identity protection services for one year at no cost to you. The attached Reference Guide provides information on registration and recommendations by the U.S. Federal Trade Commission on the protection of personal information.
MGM even suggests putting a fraud alert or credit freeze on your credit reports and provides information on how to do so with the major credit reporting agencies.
To sign up for Experian IdentityWorks, I received a unique code in my email. The service has to be activated by January 31, 2024, by going to https://www.experianidworks.com/credit.
If you didn’t receive an email from MGM and feel that you should be eligible for free credit monitoring, I’d suggest calling them at 800-621-9437 toll-free Monday through Friday from 8 am – 10 pm Central, or Saturday and Sunday from 10 am – 7 pm Central (excluding major U.S. holidays).
It’s somewhat bothersome that it took over a month for MGM to contact those they think might have been affected by this massive hack of their systems. If hackers wanted to use the information to steal identities, they’re already in the process.
For me, it’s another way to have free credit monitoring for the rest of my life.
Want to comment on this post? Great! Read this first to help ensure it gets approved.
Want to sponsor a post, write something for Your Mileage May Vary, or put ads on our site? Click here for more info.
Like this post? Please share it! We have plenty more just like it and would love it if you decided to hang around and sign up to get emailed notifications of when we post.
Whether you’ve read our articles before or this is the first time you’re stopping by, we’re really glad you’re here and hope you come back to visit again!
This post first appeared on Your Mileage May Vary
1 comment
What happens to international customers of MGM who try to sign up for the Experian ID Protection and Credit Monitoring but don’t have a US SSN and/or address?