In 2019, MGM Resorts became a victim of a hack where the details of millions of hotel guests have been compromised. Now, someone is trying to sell the stolen data on the dark web and is demanding cryptocurrency as payment, preferably in Bitcoin (BTC) or Monero (XMR).
It now appears that the MGM Reports 2019 data breach is much larger than the 10 million guests initially reported by ZDNet back in February 2020. The publication recently reported that the hack last year actually affected the records of over 142 million guests.
The hackers, who claim that last year’s hack affected the record of 142,479,937 MGM Grand hotel guests, have been making attempts to sell the data via the dark web, according to Bitcoin.com. The hackers are asking for $2,939 in cryptocurrency, preferably Bitcoin (BTC) or Monero (XMR), as payment for the hotel data.
The hackers claimed that they were able to obtain the data after breaching DataViper, which is a service operated by Night Lion Security. However, Night Lion Security founder Vinny Troja explained to ZDNet that his firm never owned a copy of the full MGM database. Troja suspects that the claim made by the supposed hackers is just to ruin his firm’s reputation.
MGM released a statement on Sunday saying that they were aware of the scope of the breach. It was also confirmed that the customer data stolen included names, postal addresses, dates of birth, contact numbers, and email addresses. Thankfully, financial information, ID, and Social Security numbers were not included.
While MGM is aware that hackers were able to steal customer data, it did not disclose the matter to the public nor confirmed just how many guests were affected. However, the company said that it already notified impacted customers.
“MGM Resorts was aware of the scope of this previously reported incident from last summer and has already addressed the situation,” an MGM spokesman said. “The vast majority of data consisted of contact information like names, postal addresses, and email addresses.”
Comment 19