informa
/
Attacks/Breaches
Quick Hits

Personal Info of 10.6M MGM Resort Guests Leaked Online

Data published on a hacking forum includes phone numbers and email addresses of travelers ranging from everyday tourists to celebrities and tech CEOs.

The personal information of 10.6 million MGM Resort guests has been published in a hacking forum, ZDNet reports. MGM Resorts has confirmed the data was stolen in a breach that occurred last summer.

When officials discovered unauthorized access to a cloud server holding certain information belonging to previous hotel guests, they sent out notifications, launched an investigation, and strengthened its network security to avoid the same problem in the future. Now some of this same data has resurfaced.

This trove of data contains details including full names, phone numbers, birthdates, and physical and email addresses for travelers who visited MGM Resorts through 2017. Those affected include tourists, DHS and TSA officials, tech CEOs, celebrities, reporters, and employees of major tech companies. Twitter founder Jack Dorsey and pop star Justin Bieber are among those whose data was exposed. Security experts warn this could put those affected at a higher risk of spear-phishing and SIM-swapping attacks.

MGM Resorts says the incident did not compromise financial, payment card, or password information.

Read more details here.

Edgepromohorizontal.jpgCheck out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's featured story: "10 Tough Questions CEOs Are Asking CISOs."

Recommended Reading:
Editors' Choice
Kirsten Powell, Senior Manager for Security & Risk Management at Adobe
Joshua Goldfarb, Director of Product Management at F5