Bill Hornbuckle, CEO of MGM Resorts, revealed that the company has not paid any ransom in the wake of the recent cyberattack. [Image: Shutterstock.com]
Revealing some subtle details
MGM Resorts International CEO Bill Hornbuckle has revealed more details about the casino company’s latest cyberattack. While presenting at World Toy Fair as a keynote speaker on Tuesday, he answered a few questions, calling the attack “corporate terrorism at its finest” and adding that he wouldn’t wish the same problem on anyone else.
The few weeks following the breach were ‘devastating’
Hornbuckle said the hack occurred by accident and involved social manipulation. He told the audience at the Venice Hotel that the few weeks following the hack had been “devastating.”
The MGM team noticed the problem the day after it occurred, which allowed them to respond quickly to try to protect as much data as possible by shutting down certain systems. The hackers then realized what was happening and proceeded to shut down any other live systems.
As a result, the company was “completely in the dark” for the next four or five days trying to manage its 36,000 hotel rooms in Las Vegas. Everything from the room key cards to the hotel and casino systems were not working.
No ransom was paid
Hornbuckle confirmed that MGM did not pay any ransom to the attackers, saying that this was a tactical decision, based on the length of time it would take for MGM to figure its way out of the attack versus obtaining the encryption keys from the attackers.
Caesars Entertainment had been subjected to a similar attack shortly before MGM’s ordeal and eventually paid a $15 million ransom.
Noting that the entire incident will cost the company an estimated $100 million, cyber insurance is expected to cover the costs of the hack. All commercial systems are now back up and running, although some others are not yet fully operational. The company plans to reinvest in infrastructure, operations and people moving forward.
The attackers’ entry point was MGM’s technical team’s call center, using social engineering methods to gain access. The plan is to rework processes moving forward to ensure the same thing doesn’t happen again. Hornbuckle is confident that customers’ credit card information has not been compromised.
Other big talking points in Las Vegas
Speaking on Tuesday, Hornbuckle also mentioned the excitement surrounding next month’s Formula 1 race on the Strip, saying it will be the biggest event the city has ever seen. The company’s average daily room rates over the race weekend rose about 400%.
It is believed that a satisfactory outcome for all parties can be reached in the coming weeks
Hornbuckle also touched on current tensions involving resort properties and the culinary union, with the possibility of a strike on the horizon. It is believed that a satisfactory outcome for all parties can be reached in the coming weeks.
