LAS VEGAS (KLAS) — The breach suffered by MGM Resorts International may cost the company millions of dollars, a cybersecurity expert said Tuesday.
The company oversees several Las Vegas resorts, such as Aria, Bellagio, Excalibur, Luxor, and Mandalay Bay. It has kept its customers informed about a situation that officials labeled a “cybersecurity issue.” This problem resulted in the shutdown of certain systems to safeguard the company’s data.
“Shutting systems down to mitigate the risk of further infection and further worsening of the incident is relatively standard,” said John Funge, managing director of DataTribe, a cybersecurity firm based out of Maryland.
Funge said the attack may have a hefty price tag for MGM Resorts International.
“This particular incident is likely financially motivated,” Funge said.
On Monday, officials from MGM said that the affected resorts were functioning and “continue to deliver the experiences for which MGM is known.” Those experiences include dining, entertainment, and gaming. It was unclear if the resorts were back to full operation Tuesday morning as reports indicated that nearly half of casino floor machines were not functioning.
Officials from MGM have not said how the attack occurred, though Funge said it potentially could have started as simply as a staff member opening a malicious email. That error could be an expensive one. Funge said that breaches similar to the one MGM has experienced in the last 36 hours could cost the company more than $100 million.
He added that it’s likely the culprits of the attack are awaiting a payout, although he does not recommend paying a ransom. Some companies, Funge says, however, ignore his suggestion, desperate to get back to “business as usual.”
Funge advises anyone who has spent time or money at an MGM resort to thoroughly check email received from addresses that appear to be from MGM companies to ensure they are genuine. Additionally, he advises anyone concerned about the breach to monitor their credit support for unusual activity.