People stroll by the MGM Grand hotel-casino Wednesday, Sept. 13, 2023, in Las Vegas.

John Locher/AP

disguise caption

toggle caption

John Locher/AP

People stroll by the MGM Grand hotel-casino Wednesday, Sept. 13, 2023, in Las Vegas.

John Locher/AP

LAS VEGAS — Casino firm Caesars Entertainment on Thursday joined Las Vegas playing rival MGM Resorts International in reporting that it was hit by a cyberattack, however added in a report back to federal regulators that its on line casino and on-line operations weren’t disrupted.

The Reno-based publicly traded firm told the federal Securities and Exchange Commission that it couldn’t assure that private details about tens of tens of millions of consumers was safe following a knowledge breach Sept. 7 that will have uncovered driver’s license and Social Security numbers of loyalty rewards members.

“We have taken steps to ensure that the stolen data is deleted by the unauthorized actor,” the corporate mentioned, “although we cannot guarantee this result.”

Brett Callow, risk analyst for the New Zealand-based cybersecurity agency Emsisoft, mentioned it was not clear if a ransom was paid or who was answerable for the intrusion — and for the assault reported Monday by MGM Resorts.

“Unofficially, we saw a group called Scattered Spider claimed responsibility,” Callow mentioned. “They appear to be native English speakers under the umbrella of a Russia-based operation called ALPHV or BlackCat.”

Scattered Spider additionally is named UNC3944, mentioned Charles Carmakal, chief technical officer at cybersecurity agency Mandiant. He known as the group “incredibly disruptive and aggressive” in current focusing on of hospitality and leisure organizations.

“They leverage tradecraft that is challenging for many organizations with mature security programs to defend against,” Carmakal mentioned in a press release.

Mandiant mentioned in a blog analysis published Thursday the group makes use of SMS textual content phishing and cellphone calls to assist desks to aim to acquire password resets or multifactor bypass codes.

“This relatively new entrant in the ransomware industry has hit at least 100 organizations, most of them in the U.S. and Canada,” Mandiant mentioned.

Caesars is the most important on line casino proprietor on this planet, with greater than 65 million Caesars Rewards members and properties in 18 states and Canada underneath the Caesars, Harrah’s, Horseshoe and Eldorado manufacturers. It additionally has cellular and on-line operations and sports activities betting. Company officers didn’t reply to emailed questions from The Associated Press.

The firm instructed the SEC that loyalty program clients have been being supplied credit score monitoring and id theft safety.

There was no proof the intruder obtained member passwords or checking account and cost card data, the corporate reported, including that operations at casinos and on-line “have not been impacted by this incident and continue without disruption.”

The disclosure by Caesars got here after MGM Resorts International, the most important on line casino firm in Las Vegas, reported publicly on Monday {that a} cyberattack that it detected Sunday led it to close down laptop techniques at its properties throughout the U.S. to guard knowledge.

MGM Resorts mentioned reservations and on line casino flooring in Las Vegas and different states have been affected. Customers shared tales on social media about not with the ability to make bank card transactions, acquire cash from money machines or enter resort rooms. Some video slot machines have been darkish.

MGM Resorts has has about 40 million loyalty rewards members and tens of hundreds of resort rooms in Las Vegas at properties together with the MGM Grand, Bellagio, Aria and Mandalay Bay. It additionally operates properties in China and Macau.

An organization report on Tuesday to the SEC pointed to its Monday information launch. The FBI mentioned an investigation was ongoing however supplied no further data.

Some MGM Resorts laptop techniques have been nonetheless down Thursday, together with resort reservations and payroll. But firm spokesman Brian Ahern mentioned its 75,000 staff within the U.S. and overseas have been anticipated to be paid on time.

Callow, talking by phone from British Columbia, Canada, known as most media accounts of the incidents speculative as a result of data gave the impression to be coming from the identical entities that declare to have carried out the assaults. He mentioned restoration from cyberattacks can take months.

Callow pointed to reviews that he known as “plausible” that Caesars Entertainment was requested to pay $30 million for a promise to safe its knowledge and will have paid $15 million. He additionally famous that the corporate didn’t describe within the SEC report the steps taken to make sure that the stolen knowledge was safe.

The highest ransom believed to have been paid to cyber-attackers was $40 million by insurance coverage big CNA Financial, Callow mentioned, following a knowledge breach in March 2021.

“In these cases, organizations basically pay to get a ‘pinky promise,'” he mentioned. “There is no way to actually know that (hackers) do delete (stolen data) or that it won’t be used elsewhere.”