Caesars Reportedly Paid Cyber Ransom, MGM Credit Rating Vulnerable Following Hack

News of cyber breaches afflicting Las Vegas Strip casino operators is getting worse. Just two days after MGM Resorts International (NYSE: MGM) confirmed it was the victim of a wide-ranging cyber attack, rival Caesars Entertainment (NASDAQ: CZR) will reportedly soon tell investors it was the target of a ransomware crime.

Caesars F1
Caesars Palace Las Vegas. The operator reportedly paid a ransomware demand, and rival MGM could do the same. (Image: CNN)

Earlier today, unidentified sources with knowledge of the matter told Bloomberg that the hacking group “Scattered Spider,” or UNC 3944, recently hit Caesars with a ransomware infiltration. It successfully extorted the gaming company for an unreported sum. According to unconfirmed speculation on X (formerly Twitter), the cyber thieves hit the Harrah’s operator for $30 million, maybe more.

Per newly instituted guidelines from the Securities and Exchange Commission (SEC), publicly traded companies must disclose “material” events to investors, of which cyber ransoms fit the bill. Those disclosures are made via an Item 1.05 Form 8-K, which Caesars is expected to file soon. At press time, the last SEC filing from Caesars was dated Aug. 25, according to the commission’s website.

Casino.org reached out to the casino operator before the publication of this article. But requests for comment were not responded to.

Ransomware Attacks Increasingly Common

To date, MGM has not confirmed that it was the victim of a ransomware attack. Still, some cybersecurity experts believe the cyber breach that sent the company’s operations into a tailspin this week has all the telltale signs of a ransomware infiltration.

It’s believed Scattered Spider is not behind the MGM hack. Media reports suggest the MGM cyber breach occurred when a perpetrator posed as a current MGM staffer. The person then leveraged that faux status to attain technology credentials from the company’s information technology (IT) department.

Conversely, Scattered Spider is said to have initiated its hack of Caesars via an outside vendor to the gaming company. According to Bloomberg, by hacking the third-party vendor, Scattered Spider gained access to Caesars’ network in a breach that’s believed to have started on Aug. 27.

MGM and Caesars are the two largest operators on the Las Vegas Strip, and both have extensive portfolios of regional casinos strewn across the U.S.

Potential Investor Impact

Caesars hasn’t officially disclosed the financial magnitude of the cyber attack it endured, and MGM hasn’t confirmed it’s dealing with a ransomware scenario. Still, some adverse effects could be felt by both companies’ investors.

In a note to clients today, Moody’s Investors Service called the MGM breach a “credit negative” event, and while it didn’t pare its rating on the casino giant, the research firm observed the hack “highlights key risks related to (MGM’s) business operations’ heavy reliance on technology and the operational disruption caused when systems need to go offline or are inoperable.” Moody’s didn’t comment on Caesars. It has a “B1” grade on MGM’s debt.

“Additional risks to MGM include potential revenue losses while systems were down, reputational risk and any direct costs related to investigation and remediation,” added Moody’s. “Litigation expense or liability that the company may have because of compromised data, to the extent there is any, is also a risk.”

Todd Shriber
Todd Shriber Financial Reporter

Todd Shriber is a senior news reporter covering gaming financials, casino business, stocks, and mergers and acquisitions for Casino.org.

Todd got his start in financial markets as a reporter with Bloomberg News. Later, he became a trader at a Southern California-based long/short hedge fund, where he specialized in the trading sector and international ETFs leading up to and during the financial crisis. He joined Casino.org in 2019.

Currently, Todd analyzes, researches, and writes on ETFs for various web-based publications and financial services firms. Shriber has been featured and quoted in Barron's, CNBC.com, and The Wall Street Journal. His work can also be found on Benzinga, ETF Daily News, ETF Trends, MarketWatch, Fox Business, and Nasdaq.com.

He currently resides in Las Vegas, where he enjoys golf and taking his black lab to the dog park. He's also an avid sports fan and likes to wager on college football and the NBA. You can also find him at the three-card poker and roulette table, even though he knows better.

Contact Todd at todd.shriber@casino.org.

Comments icon

Conversation (2 comments)

+ Add a comment
  • J
    Jp September 14, 2023
    Maybe it was a bad idea to let 2 companies own 90 percent of the strip?!
    Reply
  • C
    Claude September 13, 2023
    Guess they will have to tighten up the games and comps even more
    Reply

Write a comment

Your email address will not be published.