Hackers say they stole 6 terabytes of data from casino giants MGM and Caesars

Sept 14 (Reuters) – Hacking group Scattered Spider said on Thursday it took six terabytes of data from the systems of billionaire casino operator MGM Resorts International. (MGM.N) and Caesars Entertainment (CZR.O) while both companies investigated the violations.

Speaking to Reuters via the Telegram messaging platform, a representative of the group said it did not plan to make the data public and declined to comment on whether it had asked the companies for a ransom. “If MGM wants to disclose that information, they will. We don’t do that,” the person said.

The group’s contact was provided to Reuters by a cybersecurity expert who runs an online repository of malware samples called “vx-underground” and declined to be identified. Caesars and MGM did not respond to requests for comment on the amount of data breached.

Caesars reported regulators on Thursday discovered that on September 7 hackers took data from a significant number of its loyalty program members, including “driver’s license numbers and/or social security numbers.” Previously, Bloomberg and The Wall Street Journal reported that Caesars had paid a ransom, but Caesars declined a Reuters request to comment on the matter.

Before, MGM saying was working with authorities to resolve a “cybersecurity issue.”

Scattered Spider, also known as UNC3944, is one of the most disruptive hacking teams in the United States, according to Google’s Mandiant Intelligence.

Several security analysts have drawn attention to the group over the past year for its effective social engineering tactics. He has been known to contact an organization’s information security teams by phone, posing as an employee who needs to reset his password.

“They tend to have most of the information they need before they call help desk; that’s the last step,” said Marc Bleicher, a security analyst who has done forensic research on these types of attacks before.

Mandiant has linked Scattered Spider to more than 100 intrusions over the past two years at companies ranging from gaming and technology companies to retailers, telecommunications and insurance companies, Charles Carmakal, Mandiant’s chief technology officer, told Reuters.

The group’s members appeared to be scattered in several Western countries, he added.

Caesars saying The breach was the result of a “social engineering attack” on an IT provider the company used. He did not quantify the financial impact.

Operations at MGM, one of the world’s largest casino and hotel operators, remained disrupted four days after news of the hack emerged. Social media posts showed images of slot machines displaying error messages at their Las Vegas casinos.

Some analysts believe that Scattered Spider is a subgroup of ALPHV, a ransomware hacking team that emerged in November 2021. according eat

The FBI said it was investigating the incidents at MGM and Caesars and declined to comment further.

Our standards: The Thomson Reuters Trust Principles.