Caesars Reportedly Paid Cyber Ransom, MGM Credit Rating Vulnerable Following Hack

Posted on: September 13, 2023, 05:06h. 

Last updated on: September 14, 2023, 10:49h.

News of cyber breaches afflicting Las Vegas Strip casino operators is getting worse. Just two days after MGM Resorts International (NYSE: MGM) confirmed it was the victim of a wide-ranging cyber attack, rival Caesars Entertainment (NASDAQ: CZR) will reportedly soon tell investors it was the target of a ransomware crime.

Caesars F1
Caesars Palace Las Vegas. The operator reportedly paid a ransomware demand, and rival MGM could do the same. (Image: CNN)

Earlier today, unidentified sources with knowledge of the matter told Bloomberg that the hacking group “Scattered Spider,” or UNC 3944, recently hit Caesars with a ransomware infiltration. It successfully extorted the gaming company for an unreported sum. According to unconfirmed speculation on X (formerly Twitter), the cyber thieves hit the Harrah’s operator for $30 million, maybe more.

Per newly instituted guidelines from the Securities and Exchange Commission (SEC), publicly traded companies must disclose “material” events to investors, of which cyber ransoms fit the bill. Those disclosures are made via an Item 1.05 Form 8-K, which Caesars is expected to file soon. At press time, the last SEC filing from Caesars was dated Aug. 25, according to the commission’s website. reached out to the casino operator before the publication of this article. But requests for comment were not responded to.

Ransomware Attacks Increasingly Common

To date, MGM has not confirmed that it was the victim of a ransomware attack. Still, some cybersecurity experts believe the cyber breach that sent the company’s operations into a tailspin this week has all the telltale signs of a ransomware infiltration.

It’s believed Scattered Spider is not behind the MGM hack. Media reports suggest the MGM cyber breach occurred when a perpetrator posed as a current MGM staffer. The person then leveraged that faux status to attain technology credentials from the company’s information technology (IT) department.

Conversely, Scattered Spider is said to have initiated its hack of Caesars via an outside vendor to the gaming company. According to Bloomberg, by hacking the third-party vendor, Scattered Spider gained access to Caesars’ network in a breach that’s believed to have started on Aug. 27.

MGM and Caesars are the two largest operators on the Las Vegas Strip, and both have extensive portfolios of regional casinos strewn across the U.S.

Potential Investor Impact

Caesars hasn’t officially disclosed the financial magnitude of the cyber attack it endured, and MGM hasn’t confirmed it’s dealing with a ransomware scenario. Still, some adverse effects could be felt by both companies’ investors.

In a note to clients today, Moody’s Investors Service called the MGM breach a “credit negative” event, and while it didn’t pare its rating on the casino giant, the research firm observed the hack “highlights key risks related to (MGM’s) business operations’ heavy reliance on technology and the operational disruption caused when systems need to go offline or are inoperable.” Moody’s didn’t comment on Caesars. It has a “B1” grade on MGM’s debt.

“Additional risks to MGM include potential revenue losses while systems were down, reputational risk and any direct costs related to investigation and remediation,” added Moody’s. “Litigation expense or liability that the company may have because of compromised data, to the extent there is any, is also a risk.”