Caesars Reportedly Paid Cyber Ransom, MGM Credit Rating Vulnerable Following Hack
Posted on: September 13, 2023, 05:06h.
Last updated on: September 13, 2023, 05:06h.
News of cyber breaches afflicting Las Vegas Strip casino operators is getting worse. Just two days after MGM Resorts International (NYSE: MGM) confirmed it was the victim of a wide-ranging cyber attack, rival Caesars Entertainment (NASDAQ: CZR) will reportedly soon tell investors it was the target of a ransomware crime.
Earlier today, unidentified sources with knowledge of the matter told Bloomberg that the hacking group known as Scatter Spider, or UNC 3944, recently hit Caesars with a ransomware infiltration and was successful in extorting the gaming company for an unreported sum. According to unconfirmed speculation on X (formerly Twitter), the cyber thieves hit the Harrah’s operator for $30 million, maybe more.
Per newly instituted guidelines from the Securities and Exchange Commission (SEC), publicly traded companies must disclose to investors “material” events, of which cyber ransoms fit the bill. Those disclosures are made via an Item 1.05 Form 8-K, which Caesars is expected to soon file. At press time, the last SEC filing from Caesars was dated Aug. 25, according to the commission’s website.
Casino.org reached out to the casino operator prior to publication of this article, but requests for comment for not responded to.
Ransomware Attacks Increasingly Common
To date, MGM has not confirmed that it was the victim of a ransomware attack, but some cybersecurity experts believe cyber breach that sent the company’s operations into a tailspin this week has all the telltale signs of a ransomware infiltration.
It’s believed Scatter Spider is not behind the MGM hack. Media reports suggest the MGM cyber breach occurred when a perpetrator posed as a current MGM staffer and leveraged that faux status to attain technology credentials from the company’s information technology (IT) department.
Conversely, Scatter Spider is said to have initiated its hack of Caesars via an outside vendor to the gaming company. By hacking the third-party vendor, Scatter Spider gained access to Caesars network in a breach that’s believed to have started on Aug. 27, according to Bloomberg.
MGM and Caesars are the two largest operators on the Las Vegas Strip and both have extensive portfolios of regional casinos strewn across the US.
Potential Investor Impact
Caesars hasn’t officially disclosed the financial magnitude of the cyber attack it endured and MGM hasn’t confirmed it’s dealing with a ransomware scenario. Still, there could be some adverse effects felt by both companies’ investors.
In a note to clients today, Moody’s Investors Service called the MGM breach a “credit negative” event and while it didn’t pare its rating on the casino giant, the research firm observed the hack “highlights key risks related to (MGM’s) business operations’ heavy reliance on technology and the operational disruption caused when systems need to go offline or are inoperable.” Moody’s didn’t comment on Caesars. It has a “B1” grade on MGM’ debt.
“Additional risks to MGM include potential revenue losses while systems were down, reputational risk and any direct costs related to investigation and remediation,” added Moody’s. “Litigation expense or liability that the company may have because of compromised data, to the extent there is any, is also a risk.”
Related News Articles
Source: casino.org