Open Nav
Sign Up

MGM Resorts Cyberattack Shuts Down Website and Brings Systems Offline

MGM resort cyberattack

OPInnovate Research

September 12, 2023

MGM Resorts, a renowned international hotel and casino company, has been hit by a cyberattack that has forced the shutdown of its website and computer systems. Concerns are mounting over potential data breaches and the impact on reservation systems and casino floors.

The company has taken swift action, involving external cybersecurity experts and notifying the FBI.

Impact of the Cyberattack on MGM Resorts’ Operations

The cyberattack on MGM Resorts has resulted in the shutdown of the company’s website and offline systems, impacting operations across multiple locations. The incident, which was first detected on Sunday night, has caused significant disruption to MGM Resorts’ operations.

The company’s websites are currently offline, and screens on casino gaming machines are displaying error messages. This issue isn’t limited to MGM’s Las Vegas locations, as other properties, including the Borgata Hotel in Atlantic City, have also been affected. The impact of the cyberattack can be seen at the MGM Grand Detroit Casino, where digital keys and the rewards program are experiencing issues.

The FBI is currently investigating the cybersecurity issue, and there are reports that MGM Resorts may have been the victim of a ransomware attack, although this claim hasn’t been confirmed. The disabled slot machines observed at MGM Resorts’ properties further indicate the extent of the attack.

This incident serves as a reminder of the increasing scale and mainstream nature of cyber attacks, be it ransomware or general disruptions. It emphasizes the need to be diligent and constantly ensure that your organization is secure.

As well as the need to invest in cybersecurity training and education for employees, this attack highlights the importance of continuous penetration testing for all organizations. While the investigation is still ongoing and the details of the attack and how the attackers managed to breach MGM’s systems are not yet known, it is worth noting that a large majority of attacks originate from vulnerabilities that could have been easily detected and resolved through effective pen testing.

Resources highlights

‘UMBRELLA STAND’ Malware Targets Fortinet FortiGate Firewalls

‘UMBRELLA STAND’ Malware Targets Fortinet FortiGate Firewalls The UK’s National Cyber Security Centre (NCSC) has issued an alert regarding a sophisticated malware campaign dubbed “UMBRELLA…

Read more >

umbrella stand fortinet

CVE-2025-49144: Privilege Escalation in Notepad++ Installer Enables Full SYSTEM Access

A critical local privilege escalation vulnerability in the Notepad++ v8.8.1 installer allows attackers to escalate to NT AUTHORITY\SYSTEM using binary planting techniques. Tracked as CVE-2025-49144,…

Read more >

CVE-2025-49144

Our Red Team’s Favorite Penetration Testing Tools in 2025 (And How We Use Them)

When it comes to red team operations, the tools you choose can make or break the engagement. From initial reconnaissance to post-exploitation, having a streamlined,…

Read more >

pentesting tools - op

New Linux Vulnerabilities (CVE-2025-6018 & CVE-2025-6019) Enable Full Root Access in Seconds

Security researchers have uncovered a critical privilege escalation chain in major Linux distributions that allows any local user with a session (SSH or GUI) to…

Read more >

CVE-2025-6018, CVE-2025-6019

Zero to Hero: How Our Red Team Turned a Sticky Note Into Full Cloud Compromise

“The weakest link in your security chain might be sitting right on your desk.” At OP Innovate, our CREST-certified red team is trained to think…

Read more >

OP Innovate Red Team

One-Third of All Grafana Instances Vulnerable to XSS (CVE-2025-4123)

Over 46,000 internet-facing Grafana servers (≈36 % of those online) are still running versions susceptible to CVE-2025-4123, a high-severity open-redirect that chains into stored cross-site…

Read more >

CVE-2025-4123
Under Cyber Attack?

Fill out the form and we will contact you immediately.