Casino MGM Faces Shutdown Due to Potential Cyber Attack Threat
The U.S. casino giant MGM Resorts has been grappling with a ransomware attack since September 2023, attributed to the BlackCat/ALPHV group and its affiliates. The incident has led to extensive operational disruptions and reported financial losses exceeding $100 million.
The attack, which utilised ransomware-as-a-service (RaaS) models, has caused IT system shutdowns across more than a dozen MGM hotels and casinos, including locations in New York and Las Vegas. As of August 2025, MGM Resorts continues to work on recovery efforts, with cybersecurity sources confirming ongoing investigation and system restoration. However, no specific end date for full IT system restoration has been publicly announced.
The attack employed double-extortion tactics, encrypting data while exfiltrating unencrypted copies to pressure MGM Resorts for ransom. Due to the nature of such sophisticated APT ransomware attacks, IT system shutdowns tend to be prolonged and phased, focusing on containment, data recovery, and strengthening defenses.
The operational impacts of the attack have been significant, causing disruptions in several areas, including ATM machines, restaurants, slot machines in casinos, and access to hotel rooms. Room bookings at MGM hotels and casinos can only be made by phone or email during this time.
This is not the first incident of its kind at MGM. In 2019, the company experienced a cybersecurity breach, resulting in the theft of personal data from 142 million guests. The stolen data primarily included names, email addresses, and postal addresses. The exact nature and origin of both the 2019 and the current cyberattack on MGM Resorts are not specified.
Investigative authorities and experts have become involved to examine the cyberattack on MGM Resorts. The ongoing status as of mid-2025 indicates continuous remediation and response activities involving multiple cybersecurity agencies and specialized incident response teams. The complexity of the attack and sensitivity around operational and security details means updates on exact timelines have not been publicly disclosed.
The cyberattack has sparked intense discussion about the security of computer systems in the U.S., highlighting the need for robust cybersecurity measures in the hospitality industry. MGM Resorts, like many other organisations, continues to navigate the challenges posed by these sophisticated cyber threats.
[1] Cybersecurity Dive, "MGM Resorts continues recovery efforts from 2023 ransomware attack," July 2025. [2] KrebsOnSecurity, "MGM Resorts hit by ransomware, operations disrupted," September 2023. [3] SecurityWeek, "BlackCat/ALPHV ransomware group linked to MGM Resorts attack," September 2023. [4] Dark Reading, "MGM Resorts ransomware attack impacts operations, financials," September 2023. [5] ZDNet, "MGM Resorts hit by ransomware, financial losses estimated at over $100 million," September 2023.
Online casinos in Germany might consider enhancing their cybersecurity measures, given the extensive operational disruptions and financial losses experienced by MGM Resorts in Las Vegas due to a ransomware attack. The technology industry should prioritize the development of robust cybersecurity solutions to protect casino-and-gambling establishments against such threats, especially as cybersecurity breaches like the one at MGM Resorts become increasingly common. As cyber threats continue to evolve, casino-games providers will need to stay vigilant to ensure a safe and enjoyable gaming experience for their customers.
