Hacker Stole Over 500 Million Guests Credentials From MGM Resorts

In 2017, Chinese hackers targeted Marriott Hotels revealing details of 500 million guests, then the biggest hacking operation carried out in combination with hotel information.

The hackers targeted Marriott Hotels MGM Resorts reported on Wednesday, 19 February, that cyber-criminals stole personal information from millions of their guests staying at the hotel last summer. The leaked figures were posted on a hacking website according to the reports.

The data that was leaked contained past visitors ' names, addresses and passport numbers. The victims included celebrities including Justin Bieber and business executives, including Jack Dorsey, ceo of Twitter, and officials of the DHS / TSA. MGM has resorts in the cities of Las Vegas, Atlantic City, Detroit, and China, as well as Japan. A new resort in Dubai is also planned.

ZDNET said that international business travelers, reporters attending development conferences, CEOs involved in business meetings, and government officials traveling to Las Vegas agencies receive confirmation.

While names, addresses and passport numbers have been recovered, MGM has confirmed that it has not released any financial information. The resort also said that it is not possible to say exactly how many guests were impacted by the data leak at this time.
A MGM spokesman said last summer that, for some previous guests of MMG Resorts, we noticed unauthorized access to a cloud server that contains little information.

MGM claimed, according to the reports, that most data stolen contained information on the phonebook, such as names, telephone numbers and email addresses. Following the attack, they revealed almost 1,300 sensitive information of former guests, including passport numbers, while a further 52,000 guests said that less sensitive personal information was being leaked.

While businesses in most US countries do not have to alert the customers if data has already been stolen, the Resort customer chain has told customers in compliance with state law. The exposed information is now a treasure trove for many high-profile users, working with major technology companies and government organizations, as is the case of the security research company Under The Breach. He also said that "these users face a increased risk of being able to receive spear-phished e-mails and are traded for SIM."

Previous Post Next Post