Personal Info of 10.6M MGM Resort Guests Leaked Online

Data published on a hacking forum includes phone numbers and email addresses of travelers ranging from everyday tourists to celebrities and tech CEOs.

Dark Reading Staff, Dark Reading

February 20, 2020

1 Min Read
Dark Reading logo in a gray background | Dark Reading

The personal information of 10.6 million MGM Resort guests has been published in a hacking forum, ZDNet reports. MGM Resorts has confirmed the data was stolen in a breach that occurred last summer.

When officials discovered unauthorized access to a cloud server holding certain information belonging to previous hotel guests, they sent out notifications, launched an investigation, and strengthened its network security to avoid the same problem in the future. Now some of this same data has resurfaced.

This trove of data contains details including full names, phone numbers, birthdates, and physical and email addresses for travelers who visited MGM Resorts through 2017. Those affected include tourists, DHS and TSA officials, tech CEOs, celebrities, reporters, and employees of major tech companies. Twitter founder Jack Dorsey and pop star Justin Bieber are among those whose data was exposed. Security experts warn this could put those affected at a higher risk of spear-phishing and SIM-swapping attacks.

MGM Resorts says the incident did not compromise financial, payment card, or password information.

Read more details here.

Edgepromohorizontal.jpgCheck out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's featured story: "10 Tough Questions CEOs Are Asking CISOs."

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights