97°F
weather icon Clear
Las Vegas, NV
Casinos & Gaming

Gaming regulator says public updates on MGM, Caesars cyberattacks unlikely

Excalibur hotel and casino, left, New York New York and MGM Grand are seen, on Thursday, Sept. ...
Excalibur hotel and casino, left, New York New York and MGM Grand are seen, on Thursday, Sept. 14, 2023, in Las Vegas. A collaboration of Russian ransomware hacker gangs may have been responsible for MGM Resorts International’s cybersecurity issue that has plagued the company. (Bizuayehu Tesfaye/Las Vegas Review-Journal) @bizutesfaye
More Stories
A marketing image for "MGM Live" shows how broadcasts could look from the MGM Grand and Bellagi ...
Casino games to stream live through new MGM Resorts partnership
Nevada Gaming Commissioners unanimously approved applications for horse races to be held in Ely ...
Win, place or show? Ely and Elko horse races get final approval
Fontainebleau Las Vegas, as seen on Friday, Dec. 8, 2023 in Las Vegas. (Daniel Pearson/Las Vega ...
Analysts say new Vegas resorts have led to multiple executive changes
Debris is pushed out of a higher floor to a pile below for transport as demolition continues on ...
What does Bally’s have to do before a possible Tropicana implosion?
By / Las Vegas Review-Journal
October 4, 2023 - 6:19 pm
 

Nevada’s top gaming regulator says it isn’t likely the Nevada Gaming Control Board will discuss the cybersecurity attacks on MGM Resorts International and Caesars Entertainment Inc. anytime soon because the matter is an active police investigation.

Gaming Control Board Chairman Kirk Hendrick on Wednesday said the board “is now acting in its capacity as an investigative and law enforcement agency to support the gaming industry and protect the state of Nevada and its citizens and visitors.”

The FBI confirmed in September that it was investigating the cyberattacks that effectively shut down most of MGM’s computerized systems. The company reported later in the month that most systems had returned to normal.

Nevada Gaming Commissioner Brian Krolicki last month called for a public update regarding the attacks on MGM that began Sept. 10 and at Caesars in August.

The disruption affected MGM properties nationwide for nine days while Caesars had few public-facing problems because the company reportedly paid a multimillion-dollar ransomware demand.

“Nevada’s gaming regulators were forward-thinking last year when Nevada Gaming Commission Regulation 5.260 was adopted to mandate that certain nonrestricted licensees must develop cybersecurity best practices, and thereafter continually monitor and evaluate those practices,” Hendrick said during a break from Wednesday’s Control Board meeting.

“Pursuant to the statutory directive of the Gaming Control Act, it would not be prudent to publicly review any particular licensee’s cybersecurity practices or response to any incident,” he said. “If updates to the cybersecurity requirements outlined in NGC Regulation 5 are warranted, those matters will be discussed in public board and commission meetings.”

Hendrick’s remarks came as the aftereffects of the cybersecurity attack continued to give some MGM customers jitters.

BetMGM customers complained on social media late Tuesday and early Wednesday that they were unable to access their mobile betting accounts.

A spokesman for BetMGM acknowledged the problem, but said it had nothing to do with problems MGM had in September.

“We are aware of a technical issue earlier today that resulted in some customers experiencing delays or difficulty accessing their accounts,” a BetMGM spokesman said in an emailed statement Wednesday. “That issue has been resolved.”

A person familiar with the situation said reports that cybercriminals had redirected mobile betting funds to different altered accounts were unfounded.

Meanwhile, a 10th class-action lawsuit seeking damages from either MGM or Caesars was filed Wednesday in U.S. District Court in Nevada.

David Terezo, who was identified in the lawsuit as an MGM Rewards member from Woodbury, New York, became the 10th person to file a lawsuit alleging that MGM failed “to prevent a cyberattack that resulted in the theft and dissemination of plaintiff’s and other similarly situated consumers’ sensitive information, including … their full names, dates of birth, addresses, email addresses, phone numbers, Social Security numbers and/or driver’s license numbers.”

The lawsuit seeks unspecified damages from the company and a demand that it better protect its data through encryption, to have regular third-party checks to assure compliance and to educate employees to prevent further attacks that could compromise customers’ personal information.

MGM officials had no comment on the new lawsuit and neither MGM nor Caesars have commented on previous lawsuits.

Legal experts, on background, told the Review-Journal Wednesday that it is likely a judge assigned to the case would move to consolidate the class-action complaints into one action because they are similar to each other and complex.

Contact Richard N. Velotta at rvelotta@reviewjournal.com or 702-477-3893. Follow @RickVelotta on X.

Don't miss the big stories. Like us on Facebook.
THE LATEST
MORE STORIES
recommend 1
FTC seeks order forcing MGM to respond to cyberattack probe
recommend 2
What belongs to Caesars? Nearly 21K hotel rooms in Las Vegas
recommend 3
Source: Findlay operations nearly idled, losses mount from cyberattack; suit filed
recommend 4
What are they hiding?: Gaming Control Board plays by a different set of rules
recommend 5
Casino games to stream live through new MGM Resorts partnership
recommend 6
MGM topples food donation goal, surpassing 5M meals