FBI probing MGM Resorts cyber incident as some casino systems still down

By Raphael Satter and Zeba Siddiqui

NEW YORK/SAN FRANCISCO (Reuters) -The FBI said on Wednesday it was investigating a cybersecurity incident at gaming giant MGM Resorts (NYSE:) International that kept several of the casino operator’s systems paralyzed for a third straight day.

MGM, which runs 31 hotels and gaming venues globally including in Macau, said on Monday it shut down some of its computer systems due to an unspecified “cybersecurity issue” that it was working with law enforcement and cybersecurity experts to investigate.

The scale and impact of the incident wasn’t immediately clear but posts on social media showed slot machines down and long queues as disruption hit several of the group’s properties in Las Vegas.

The rating agency Moody’s (NYSE:) warned the incident could negatively impact MGM’s credit rating.

Such breaches are typical hallmarks of ransomware incidents in which extortionists encrypt victims’ computer systems and demand ransoms in digital currency. It was not immediately clear who was behind the issue and what data, if any, had been stolen from MGM’s systems.

Analysts say casinos are prime targets of financially-motivated cybercrimes.

“They’re more likely to get paid because they’re disrupting casino operations,” said Allan Liska, intelligence analyst at the security firm Recorded Future.

“Casinos around the world should be on heightened alert because ransomware groups love it when they get this kind of attention, so we will likely see copycats.”

The FBI said it had opened an investigation into the incident but declined to share further details.

Moody’s analysts said in a report that the incident “highlights key risks related to (MGM’s) business operations’ heavy reliance on technology and the operational disruption caused when systems need to go offline or are inoperable.”

Messages seeking further comment from MGM and the U.S. cybersecurity watchdog agency CISA were not immediately returned. MGM Resorts’ website was “currently unavailable,” according to a holding message posted to the group’s homepage.

“Our investigation is ongoing and we are working diligently to determine the nature and scope of the matter,” MGM said in a post on the social media website X on Monday.