MGM Resorts, one of the largest hotel and casino operators in the world, has been hit by a cyberattack that forced it to shut down its IT systems on Monday. The company said it was working to restore normal operations as soon as possible, but did not provide any details on the nature or extent of the attack.
According to a report by BleepingComputer, the attack affected MGM Resorts’ email servers, reservation systems, and employee applications. The company’s website was also offline for several hours, displaying a message that said “Our site is currently undergoing maintenance. Please check back later.”
The attack comes less than two years after MGM Resorts suffered a massive data breach that exposed the personal information of more than 142 million guests. The stolen data included names, addresses, phone numbers, email addresses, dates of birth, and passport numbers. The data was later leaked online and sold on the dark web.
MGM Resorts is not the only hotel chain that has been targeted by cybercriminals. In recent years, Marriott, Hyatt, Hilton, and Choice Hotels have also reported data breaches that compromised millions of customers’ data.
Cyberattacks on the hospitality industry can have serious consequences for both the businesses and their guests. Besides the financial losses and reputational damage, such attacks can also expose sensitive information that can be used for identity theft, fraud, phishing, blackmail, or espionage.
As a cyber security expert, I would like to offer some advice on how to prevent and mitigate such attacks:
- For hotel operators:
- Implement strong security measures to protect your IT systems and data. This includes using encryption, firewalls, antivirus software, backups, and multi-factor authentication.
- Regularly update your software and hardware to fix any vulnerabilities and patch any security flaws.
- Educate your staff on how to recognize and avoid phishing emails and other common cyber threats.
- Monitor your network activity and logs for any suspicious or anomalous behavior.
- Have an incident response plan in place to quickly detect, contain, and recover from a cyberattack.
- Notify your customers and authorities as soon as possible if you experience a data breach or cyberattack.
- For hotel guests:
- Be careful when sharing your personal information with hotels or booking websites. Only provide the minimum necessary information and avoid using public or unsecured Wi-Fi networks.
- Use strong and unique passwords for your online accounts and change them regularly. Do not reuse the same password for different accounts or services.
- Check your credit card statements and bank accounts for any unauthorized or fraudulent charges. Report any suspicious activity to your bank or card issuer immediately.
- Beware of phishing emails or calls that claim to be from hotels or booking websites. Do not click on any links or attachments or provide any information unless you are sure they are legitimate.
- Use a VPN (virtual private network) service to encrypt your online traffic and protect your privacy when traveling.
Cyberattacks are becoming more frequent and sophisticated, especially in the hospitality industry. By following these tips, you can reduce your risk of becoming a victim and protect yourself from potential harm. Stay safe and enjoy your stay!