In September 2023, MGM Resorts’ computer and data storage systems were hacked, resulting in an estimated $100 million loss in EBITDAR, according to the group’s SEC filing on October 5, 2023. The writer personally experienced the impact of the cyberattack and believes the losses would have been even greater if not for the apparent slow response of the casino regulator, the Gaming Control Board.
The writer checked into MGM’s Aria property on the Las Vegas strip on September 12, amidst chaos and manual check-ins due to the cyberattack. Despite the chaotic check-in process, the casino and gaming areas appeared to be functioning normally, with the exception of bars being cash only and room charges being unavailable. However, issues arose with slot machines, with patrons experiencing delays in collecting their winnings due to limited staff servicing the entire floor.
The writer questioned why MGM was allowed to continue operating its gaming machines when it was known that the ticket system for winnings was not functioning reliably. The response from the Gaming Control Board noted that the cyberattack caused unprecedented issues that would normally be handled easily. However, the writer remained unsatisfied, questioning how MGM proposed to track and reimburse players owed winnings with no record of who won what.
The writer highlighted the complacency and under-preparedness of both MGM Resorts and the Gaming Control Board in handling the cyberattack’s impact on players. The writer emphasized that the Gaming Control Board should be protecting players and attributed the lack of action to complacency and under-preparedness.
Overall, the article sheds light on the impact of the cyberattack on MGM Resorts from a personal perspective, highlighting the flaws in response and the need for better protection and compensation for affected players.