MGM Resorts has shut down some of its systems as a result of a “cybersecurity issue,” according to a company social media post on Monday.
Late Tuesday, the company posted an update, saying that its resorts’ dining, entertainment, and gaming “are currently operational.” The statement also thanked guests for their patience, saying “our guests remain able to access their hotel rooms.”
However, the statement did not specify the status of its systems, whether these operations were being handled manually, or whether some properties are still accepting cash only.
As of Tuesday morning, the MGM Resorts website was still offline, with an apology message and a list of phone numbers for guests to reach their specific hotel concierge desk.
Justin Heath, a guest at MGM Grand in Las Vegas, told CNN on Monday that visitors were unable to charge purchases to their rooms, that digital hotel room keys were not working and that restaurants were taking only cash.
In MGM’s initial Sunday statement, the company explained that after detecting the cybersecurity issue, “we quickly began an investigation with assistance from leading external cybersecurity experts,” the company said on X, formerly known as Twitter.
MGM Resorts (MGM) says it’s working with law enforcement and “took prompt action to protect our systems and data, including shutting down certain systems.”
An FBI spokesperson told CNN they are aware of the incident but declined further comment on the matter.
CNN has reached out to MGM Resorts for more information. MGM Resorts International manages several properties across the U.S., including Aria, Bellagio, Cosmopolitan, Excalibur, Luxor, Mandalay Bay, MGM Grand Las Vegas, and New York-New York in Las Vegas. Other domestic properties are located in Massachusetts, Michigan, Mississippi, Maryland, Ohio, New Jersey, and New York. The company also has resort locations in China.
It is unclear whether the cybersecurity incident was conducted by threat actors seeking to exfiltrate sensitive information or to cause damage and disruption to MGM systems. For investigators, the nature of the attack is often key to helping identify whether it originated from criminals seeking to steal information for financial gain, or nation-state actors gathering information for intelligence purposes.
Casinos have been prime targets for both traditional cybercriminal enterprises as well as foreign governments.
In 2017, researchers announced a North American casino had been the target of data exfiltration by cybercriminals who compromised a fish tank connected to company’s internet connection.
In 2014, the Sands Las Vegas Corporation fell victim to a damaging cyberattack by the Iranian government, according to the US Director of National Intelligence.
CNN’s Danielle Sills contributed to this report
