MGM Didn’t Pay Hackers, Suffered Financial Consequences
Posted on: October 6, 2023, 03:22h.
Last updated on: October 7, 2023, 12:42h.
MGM Resorts International (NYSE: MGM) reportedly refused the hackers that recently executed a ransomware attack on its US operations and will suffer a significant reduction in third-quarter earnings as a result.
On Thursday, the Bellagio operator warned investors its third-quarter earnings before interest, taxes, depreciation, amortization, and restructuring or rent costs (EBITDAR) will be reduced by $100 million due to the attack, which lasted at least 10 days. MGM also said it faces $10 million in one-time expenses attributable to the data breach.
That $100 million likely would have been significantly lower and covered by insurance had MGM opted to pay “Scattered Spider.” Still, sources close to the matter told the Wall Street Journal the casino giant chose not to meet the ransom demand.
That’s a departure from rival Caesars Entertainment (NASDAQ: CZR) when confronted by a ransomware attack executed by the same group. The Harrah’s operator paid $15 million of the $30 million Scattered Spider wanted and didn’t deal with operational chaos like MGM.
MGM Followed FBI Guidelines
Much as the US government claims to not negotiate with the terrorists, the FBI encourages victims of ransomware attacks to not meet the demands of the threat actors.
The FBI does not support paying a ransom in response to a ransomware attack,” according to the federal law enforcement agency. “Paying a ransom doesn’t guarantee you or your organization will get any data back. It also encourages perpetrators to target more victims and offers an incentive for others to get involved in this type of illegal activity.”
Apparently, MGM took that advice, but many other companies, including Caesars, that are hit by ransomware attacks do not. As a result, the bad actors are emboldened because they believe the odds are short they’ll be paid. Thus, the frequency of these breaches is increasing.
“The best way to avoid being exposed to ransomware—or any type of malware—is to be a cautious and conscientious computer user,” the FBI added. “Malware distributors have gotten increasingly savvy, and you need to be careful about what you download and click on.”
What’s Next for MGM
Following the attack, MGM rebuilt its cybersecurity systems and bolstered related defenses. That’s a step in the right direction, but the damage is done, and some investors might argue that MGM should have played ball with Scattered Spider and paid them to go away.
The math favors that argument. After all, MGM’s $100 million hit to third-quarter earnings is significantly larger than the $15 million a Caesars insurance carrier paid out.
It is, however, a complex situation. In the month following the attack, shares of MGM tumbled roughly 20%, but the stock surged 4.86% on above-average volume, perhaps spurred by the news the company didn’t comply with the ransom demand.
Related News Articles
Penn Entertainment Sheds Barstool, Unveils $1.5B ESPN Deal
Casino Ransomware Attacks Could Stoke Higher Insurance Costs
MGM Director Meister Says Company Responded ‘Rationally’ to Cyberattack
MGM Has $200M Cyber Insurance Policy, Stock Can Recover, Says Analyst
Most Popular
VEGAS MYTHS BUSTED: Sinatra Got His Teeth Knocked Out by a Casino Exec
ALL-OUT! Sahara Will Be 7th Vegas Strip Casino to Fold Poker Room in 5 Years
Lisa Vanderpump Buys $5M Vegas Mansion
Las Vegas’ Ellis Island Getting All Fancy
Most Commented
-
UPDATE: Giant Naked Donald Trump Removed from Side of Las Vegas Freeway
October 1, 2024 — 17 Comments— -
VEGAS MYTHS RE-BUSTED: Las Vegas is in Imminent Danger of Running Out of Water
September 27, 2024 — 11 Comments— -
LOST VEGAS: Bobby Berosini’s Orangutans
October 2, 2024 — 5 Comments— -
LOST VEGAS: Art Bell’s House and Radio Compound
September 16, 2024 — 3 Comments— -
VEGAS MYTHS RE-BUSTED: The Final Resting Place of Whiskey Pete
October 25, 2024 — 3 Comments—
No comments yet