Personal Info of 10.6M MGM Resort Guests Leaked Online
Data published on a hacking forum includes phone numbers and email addresses of travelers ranging from everyday tourists to celebrities and tech CEOs.
The personal information of 10.6 million MGM Resort guests has been published in a hacking forum, ZDNet reports. MGM Resorts has confirmed the data was stolen in a breach that occurred last summer.
When officials discovered unauthorized access to a cloud server holding certain information belonging to previous hotel guests, they sent out notifications, launched an investigation, and strengthened its network security to avoid the same problem in the future. Now some of this same data has resurfaced.
This trove of data contains details including full names, phone numbers, birthdates, and physical and email addresses for travelers who visited MGM Resorts through 2017. Those affected include tourists, DHS and TSA officials, tech CEOs, celebrities, reporters, and employees of major tech companies. Twitter founder Jack Dorsey and pop star Justin Bieber are among those whose data was exposed. Security experts warn this could put those affected at a higher risk of spear-phishing and SIM-swapping attacks.
MGM Resorts says the incident did not compromise financial, payment card, or password information.
Read more details here.
Check out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's featured story: "10 Tough Questions CEOs Are Asking CISOs."
About the Author
You May Also Like
Transform Your Security Operations And Move Beyond Legacy SIEM
Nov 6, 2024Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024Securing Tomorrow, Today: How to Navigate Zero Trust
Nov 13, 2024The State of Attack Surface Management (ASM), Featuring Forrester
Nov 15, 2024Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024