// UNCLASSIFIED // CLEARED FOR PUBLIC RELEASE //
FILE BRC-newsDTG 0600Z
ColdRecon / Breach Radar / MGM Resorts
Breach Record

MGM Resorts

DISCLOSED 2023-09-10 · RANSOMWARE · RANSOMWARE

MGM Resorts suffered a ransomware attack in September 2023 by the Scattered Spider group, causing a $100 million impact. The attackers gained access through social engineering of the help desk. Cyberinsurance is expected to cover the financial losses.

The record

What we know

Disclosed
2023-09-10
Attack vector
Ransomware
Sector
Hospitality
Country
US
RANSOMWARE ENDPOINT INVOLVED
ColdRecon assessment

Could a positive-security control have prevented this?

Verdict · partial · opinion

A positive-security model could have prevented unauthorized encryption and lateral movement after initial access, but the social engineering vector to obtain credentials would not be directly blocked by an allowlist approach.

Our assessments are opinion, grounded in the cited public facts. Read them critically.

Sources

Cited reporting

Similar vector · recent

Other ransomware breaches on file

This page is the permanent ColdRecon entry for the MGM Resorts disclosure. It updates if new public reporting emerges. All tracked breaches →

MGM Resorts just lived through this. Your next prospect doesn't have to.

ColdRecon turns every disclosed breach into a daily intelligence brief from the seller's seat — normalized to the factors that move a deal, written in the Handler's voice. Request clearance and the first lands tomorrow at 0600.

Request Clearance →