Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

5 class actions launched against MGM, Caesars

A flush of class action lawsuits has been filed against MGM Resorts and Caesars Entertainment following the cyber incidents both companies faced earlier this month.

user icon Daniel Croft
Tue, 26 Sep 2023
5 class actions launched against MGM, Caesars
expand image

Four class actions were filed on Thursday (21 September) by two law firms, two against MGM Resorts and two against Caesars, on behalf of individual customers Tonya Owens and Emily Kirwan against MGM, and Paul Garcia and Alexis Giuffre against Caesars.

The lawsuits allege that neither MGM nor Caesars adequately disclosed the breaches to their customers and left them vulnerable to other potential risks. The lawsuits also suggest that the companies failed to properly secure the data of their customers and put them at risk of identity theft.

A fifth lawsuit was then published on Friday (22 September), representing an Illinois couple that had been members of the Caesars Rewards Program for over two decades, alleging a breach of contract with every customer whose personal data was compromised in the breach.

============
============

The MGM and Caesars incidents came as a result of an attack on identity management company Okta by a subgroup of the notorious ALPHV (aka BlackCat) ransomware group called Scattered Spider, requiring the organisation to take down several of its systems, affecting the operations of its casinos and resorts.

One report suggested that the hackers had aimed to make the slot machines spit money for “mules to gamble and milk the machines”.

While there is nothing to say whether MGM has paid ransom, a report by The Wall Street Journal claims that Caesars paid roughly half of the $30 million the hackers demanded in ransom payments.

ALPHV reportedly gained access to the super administrator privileges of the Okta environment within MGM Resorts, as well as the Azure tenant’s global admin privileges.

The FBI said it had launched an investigation into the MGM incident with the assistance of the Cybersecurity and Infrastructure Security Agency. Okta had also said it would be assisting.

MGM Resorts has suffered cyber attacks in the past after the data of over 10.6 million guests was stolen by hackers in 2019. The data was then posted online the next year.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.