MGM Resorts (2022 Update)
HighMGM Resorts suffered a large-scale data breach in 2019, affecting millions of guests and exposing sensitive information.
- Records exposed
- 24,842,001 records
- Breach date
- Breach Jul 25, 2019
- Last update
- Updated May 29, 2022
What data was exposed?
Fields reported as compromised in this breach record.
Why does this breach matter?
In-depth analysis of the breach and its implications.
In mid-2019, MGM Resorts identified a breach of their cloud services hosting client data. The initial breach disclosed personal data from 10.6 million guests, including email addresses, names, phone numbers, physical addresses, and dates of birth. In May 2022, further analysis confirmed the discovery of 142 million rows of the same incident’s data on a dark web marketplace. This superseded dataset encompasses 24.8 million unique email addresses. Such breaches highlight the crucial need for cloud service security and proactive measures to mitigate exposure.
Impact Analysis
Understanding the scope and consequences of this breach.
- User Impact
- Compromised personal information increases risks of phishing and fraud.
- Business Impact
- Negative reputation impact, potential legal compliances, and financial penalties.
- Affected Sectors
- Hospitality
- Cloud Services
- Geographic Impact
- Global
What You Should Do
Recommended actions to take in response to this breach.
If You Were Affected
- •Monitor accounts for unauthorized activity.
- •Change passwords for potentially linked accounts.
- •Enable two-factor authentication on sensitive services.
- •Place alerts with credit bureaus to guard against identity theft.
Preventive Measures
- •Vet third-party service providers for robust security capabilities.
- •Implement and audit strict access controls.
- •Regularly monitor cloud services for improper configurations.
- •Educate employees on cybersecurity best practices.
Frequently Asked Questions
Common questions about this breach and what it means for you.