MGM Resorts International Company Cyber Security Posture
mgmresorts.comThe resorts and casinos of MGM Resorts Internationalโข are some of the most famous in the world. Our 28 destinations are renowned for their winning combination of quality entertainment, luxurious facilities, and exceptional customer service. We are actively expanding our presence globally, with potential developments in a number of domestic and international markets. At MGM Resorts International, we are all striving together to deliver an enticing blend of entertainment to every corner of the world. Many of our resorts are located in Las Vegas. Las Vegas features three of the largest convention centers in the U.S., spectacular entertainment, attractions, shopping, โand world-famous resorts. Whether dancing fountains, incredible stage productions, casino action, museums or natural attractions such as Lake Mead, Vegas offers something for everyone. A stroll down our streets takes you around the globe, with recreations like climbing to the top of the Eiffel Tower or taking a Venetian gondola ride. From shimmering resort pools and spa rejuvenation to nonstop nightlife, Las Vegas promises an unforgettable career destination. With all of our unique and spectacular resorts and casinos, MGM Resorts International has a world of opportunities for you to discover excitement and rewards as you provide our guests with a wonderful and memorable experience. Take a closer look at our properties. We think you'll find an opportunity that's right for you. The 81,000 global employees of MGM Resorts are proud to be recognized as one of FORTUNEยฎ Magazineโs Worldโs Most Admired Companiesยฎ. At MGM Resorts, we know the importance of respecting each otherโs differences. We endeavor to embrace and leverage our diversity to achieve best-in-class experiences and cultivate stronger ties with our employees, guests, suppliers and community partners. We are committed to taking strong and principled stands on issues of equality and aim to better unify our world.
MRI Company Details
mgm-resorts-international
25547 employees
183169.0
721
Hospitality
mgmresorts.com
Scan still pending
MGM_1983035
In-progress
MRI Risk Score (AI oriented)Between 900 and 1000
This score is AI-generated and less favored by cyber insurers, who prefer the TPRM score.
MRI Global Score.png)
MGM Resorts International Company Scoring based on AI Models
| Model Name | Date | Description | Current Score Difference | Score |
|---|---|---|---|---|
| AVERAGE-Industry | 03-12-2025 | This score represents the average cybersecurity rating of companies already scanned within the same industry. It provides a benchmark to compare an individual company's security posture against its industry peers. | N/A | Between 900 and 1000 |
MGM Resorts International Company Cyber Security News & History
| Entity | Type | Severity | Impact | Seen | Url ID | Details | View |
|---|---|---|---|---|---|---|---|
| MGM Resorts International | Cyber Attack | 60 | 3 | 09/2023 | MGM85317923 | Link | |
Rankiteo Explanation : Attack with significant impact with internal employee data leaksDescription: Caesars Entertainment revealed in an SEC filing that the company had been the victim of a social engineering attack on an outsourced IT support vendor used by the company. The website and smartphone apps for the corporation have been down for almost a week. Weeks before the attack on MGM Resorts, Caesars was attacked. The attack severely disrupted MGM's operations, making check-in for visitors a lengthy process and rendering electronic payments, digital key cards, slot machines, ATMs, and paid parking systems useless. Known ransomware-as-a-service organizations seem to have targeted both businesses. ALPHV. | |||||||
| MGM Resorts International | Ransomware | 100 | 5 | 3/2025 | MGM906031025 | Link | |
Rankiteo Explanation : Attack threatening the organizationโs existenceDescription: MGM Resorts International suffered a ransomware attack in September 2023, significantly disrupting operations across its Las Vegas properties. The digital systems for managing casinos and hotels were incapacitated, preventing credit card transactions and forcing guests to seek alternative accommodations. Staff had to manually compute slot machine outcomes due to the systems' unavailability. Over 37 million customers and a trove of business information were affected, and hackers associated with the BlackCat/Alphv gang later claimed responsibility. The incident led to a substantial financial loss for the company, estimated at about $100 million, and triggered a sequence of class action lawsuits resulting in a $45 million settlement. | |||||||
| MGM Resorts | Ransomware | 100 | 6 | 6/2025 | MGM611060625 | Link | |
Rankiteo Explanation : Attack threatening the economy of geographical regionDescription: The cybercriminal group SCATTERED SPIDER executed a sophisticated phone-based social engineering attack on MGM Resorts, leading to widespread IT disruption across its casinos and hotels. The attackers, using their linguistic and cultural fluency, impersonated legitimate employees to bypass multi-factor authentication and gain initial access. This attack caused significant operational disruptions, affecting critical sectors including hospitality, and demonstrated the vulnerability of well-defended organizations to human-centric intrusion strategies. | |||||||
MGM Resorts International Company Subsidiaries
The resorts and casinos of MGM Resorts Internationalโข are some of the most famous in the world. Our 28 destinations are renowned for their winning combination of quality entertainment, luxurious facilities, and exceptional customer service. We are actively expanding our presence globally, with potential developments in a number of domestic and international markets. At MGM Resorts International, we are all striving together to deliver an enticing blend of entertainment to every corner of the world. Many of our resorts are located in Las Vegas. Las Vegas features three of the largest convention centers in the U.S., spectacular entertainment, attractions, shopping, โand world-famous resorts. Whether dancing fountains, incredible stage productions, casino action, museums or natural attractions such as Lake Mead, Vegas offers something for everyone. A stroll down our streets takes you around the globe, with recreations like climbing to the top of the Eiffel Tower or taking a Venetian gondola ride. From shimmering resort pools and spa rejuvenation to nonstop nightlife, Las Vegas promises an unforgettable career destination. With all of our unique and spectacular resorts and casinos, MGM Resorts International has a world of opportunities for you to discover excitement and rewards as you provide our guests with a wonderful and memorable experience. Take a closer look at our properties. We think you'll find an opportunity that's right for you. The 81,000 global employees of MGM Resorts are proud to be recognized as one of FORTUNEยฎ Magazineโs Worldโs Most Admired Companiesยฎ. At MGM Resorts, we know the importance of respecting each otherโs differences. We endeavor to embrace and leverage our diversity to achieve best-in-class experiences and cultivate stronger ties with our employees, guests, suppliers and community partners. We are committed to taking strong and principled stands on issues of equality and aim to better unify our world.
Access Data Using Our API
Get company history
Rapid.png)
MRI Cyber Security News
FTC and MGM Resorts Give Up Legal Fight Over Cybersecurity
MGM Resorts International and the Federal Trade Commission (FTC) are ending a contentious legal dispute over a September 2023 cyberattack.
MGM Resorts settles class action lawsuit over cyber attacks in 2019, 2023
MGM Resorts has agreed to pay $45 million due to data breaches, which exposed the personal information of millions of hotel guests.
MGM Resorts Consolidates Cybersecurity and Reduces Costs with CrowdStrike
In this fireside chat, MGM Resorts CISO Stephen Harrison discusses his eight-year journey as a CrowdStrike customer with CrowdStrike President Michael Sentonas.
MGM agrees to pay $45 million to victims of 2019 data breach and 2023 ransomware attack
MGM Resorts International agreed to pay $45 million to settle multiple class action lawsuits related to a data breach in 2019 and aย ...
MGM Resorts International Agrees to Pay $45 Million to Settle a Consolidated Data Breach Lawsuit
MGM Resorts will pay $45 million to settle a consolidated data breach lawsuit stemming from a 2019 data leak and a 2023 ransomware attackย ...
MGM Ransomware Attack Settlement Is Reached
The ransomware attack affected 30 MGM Resort properties causing immediate tremendous disruption that lasted for nine days with guests' digitalย ...
Cyber threats disrupt global firms in US, UK and Europe
An incident at the Polish game developer led to hackers gaining access to the company's game code systems and personal data of its employees.
MGM Agrees to Pay $45 Million to Settle Data-Breach Lawsuit
The deal would resolve a consolidated class-action over two cyberattacks, one of which cost the resort operator $100 million.
UK Police: 17-year-old connected to cyberattack of MGM Resorts
Police in England accuse a 17-year-old for being connected to a global cyber online group that targeted large organizations such as MGM Resorts.
MRI Similar Companies
Four Seasons Hotels and Resorts
Four Seasons Hotels and Resorts opened its first hotel in 1961, and since that time has been dedicated to perfecting the travel experience through continual innovation and the highest standards of hospitality. Currently operating more than 120 hotels and resorts, and more than 50 residential propert
Holiday Inn Express
An IHG hotel. IHG Hotels & Resorts [LON:IHG, NYSE:IHG (ADRs)] is a global hospitality company, with a purpose to provide True Hospitality for Good. At Holiday Inn Express, we strive to make every interaction you have with us simple, smart and refreshingly engaging. With over 3,000 hotels in 75 di
USA Parking System
SP+ Hospitality is the industry's largest, leading parking company in the world. Our specialty is the management of the parking and arrival experience of high end, service-oriented resorts and hotels. Our commitment to training, guest service, and promotion from within are just a few of the many rea
Hilton Alexandria Mark Center
Located on the West End of Historic Alexandria, adjacent to the Winkler Botanical Preserve and minutes from Old Town Alexandria, on a serene lake surrounded by landscaped gardens, sits the Hilton Alexandria Mark Center. Owned by a private investment fund advised by Crow Holdings Capital Partners,
Shangri-La Group
Headquartered in Hong Kong SAR, the Shangri-La Group has grown from a single hotel business to a diverse and integrated global portfolio comprising quality real estate and investment properties, wellness and lifestyle facilities. Today, the Group owns, operates and manages 100+ hotels under our fami
Minor Hotels Europe and Americas
Minor Hotels is a global hospitality leader with a network of more than 560 hotels across six continents. We drive growth through eight diverse hotel brands and a portfolio of related hospitality businesses. Perpetually driven by an entrepreneurial spirit, we create better brands, businesses and p
Frequently Asked Questions (FAQ) on Cybersecurity Incidents
MRI CyberSecurity History Information
Total Incidents: According to Rankiteo, MRI has faced 3 incidents in the past.
Incident Types: The types of cybersecurity incidents that have occurred include ['Cyber Attack', 'Ransomware'].
Total Financial Loss: The total financial loss from these incidents is estimated to be {total_financial_loss}.
Cybersecurity Posture: The company's overall cybersecurity posture is described as The resorts and casinos of MGM Resorts Internationalโข are some of the most famous in the world. Our 28 destinations are renowned for their winning combination of quality entertainment, luxurious facilities, and exceptional customer service. We are actively expanding our presence globally, with potential developments in a number of domestic and international markets. At MGM Resorts International, we are all striving together to deliver an enticing blend of entertainment to every corner of the world. Many of our resorts are located in Las Vegas. Las Vegas features three of the largest convention centers in the U.S., spectacular entertainment, attractions, shopping, โand world-famous resorts. Whether dancing fountains, incredible stage productions, casino action, museums or natural attractions such as Lake Mead, Vegas offers something for everyone. A stroll down our streets takes you around the globe, with recreations like climbing to the top of the Eiffel Tower or taking a Venetian gondola ride. From shimmering resort pools and spa rejuvenation to nonstop nightlife, Las Vegas promises an unforgettable career destination. With all of our unique and spectacular resorts and casinos, MGM Resorts International has a world of opportunities for you to discover excitement and rewards as you provide our guests with a wonderful and memorable experience. Take a closer look at our properties. We think you'll find an opportunity that's right for you. The 81,000 global employees of MGM Resorts are proud to be recognized as one of FORTUNEยฎ Magazineโs Worldโs Most Admired Companiesยฎ. At MGM Resorts, we know the importance of respecting each otherโs differences. We endeavor to embrace and leverage our diversity to achieve best-in-class experiences and cultivate stronger ties with our employees, guests, suppliers and community partners. We are committed to taking strong and principled stands on issues of equality and aim to better unify our world..
Detection and Response: The company detects and responds to cybersecurity incidents through {description_of_detection_and_response_process}.
Incident Details
Incident 1: Ransomware Attack
Title: {Incident_Title}
Description: {Brief_description_of_the_incident}
Date Detected: {Detection_Date}
Date Publicly Disclosed: {Disclosure_Date}
Date Resolved: {Resolution_Date}
Type: {Type_of_Attack}
Attack Vector: {Attack_Vector}
Vulnerability Exploited: {Vulnerability}
Threat Actor: {Threat_Actor}
Motivation: {Motivation}
Incident 2: Data Breach
Title: {Incident_Title}
Description: {Brief_description_of_the_incident}
Date Detected: {Detection_Date}
Date Publicly Disclosed: {Disclosure_Date}
Date Resolved: {Resolution_Date}
Type: {Type_of_Attack}
Attack Vector: {Attack_Vector}
Vulnerability Exploited: {Vulnerability}
Threat Actor: {Threat_Actor}
Motivation: {Motivation}
Common Attack Types: The most common types of attacks the company has faced are ['Ransomware'].
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through {description_of_identification_process}.
Impact of the Incidents
Incident 1: Ransomware Attack
Financial Loss: {Financial_Loss}
Data Compromised: {Data_Compromised}
Systems Affected: {Systems_Affected}
Downtime: {Downtime}
Operational Impact: {Operational_Impact}
Conversion Rate Impact: {Conversion_Rate_Impact}
Revenue Loss: {Revenue_Loss}
Customer Complaints: {Customer_Complaints}
Brand Reputation Impact: {Brand_Reputation_Impact}
Legal Liabilities: {Legal_Liabilities}
Identity Theft Risk: {Identity_Theft_Risk}
Payment Information Risk: {Payment_Information_Risk}
Incident 2: Data Breach
Financial Loss: {Financial_Loss}
Data Compromised: {Data_Compromised}
Systems Affected: {Systems_Affected}
Downtime: {Downtime}
Operational Impact: {Operational_Impact}
Conversion Rate Impact: {Conversion_Rate_Impact}
Revenue Loss: {Revenue_Loss}
Customer Complaints: {Customer_Complaints}
Brand Reputation Impact: {Brand_Reputation_Impact}
Legal Liabilities: {Legal_Liabilities}
Identity Theft Risk: {Identity_Theft_Risk}
Payment Information Risk: {Payment_Information_Risk}
Average Financial Loss: The average financial loss per incident is {average_financial_loss}.
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are {list_of_commonly_compromised_data_types}.
Incident 1: Ransomware Attack
Entity Name: {Entity_Name}
Entity Type: {Entity_Type}
Industry: {Industry}
Location: {Location}
Size: {Size}
Customers Affected: {Customers_Affected}
Incident 2: Data Breach
Entity Name: {Entity_Name}
Entity Type: {Entity_Type}
Industry: {Industry}
Location: {Location}
Size: {Size}
Customers Affected: {Customers_Affected}
Response to the Incidents
Incident 1: Ransomware Attack
Incident Response Plan Activated: {Yes/No}
Third Party Assistance: {Yes/No}
Law Enforcement Notified: {Yes/No}
Containment Measures: {Containment_Measures}
Remediation Measures: {Remediation_Measures}
Recovery Measures: {Recovery_Measures}
Communication Strategy: {Communication_Strategy}
Adaptive Behavioral WAF: {Adaptive_Behavioral_WAF}
On-Demand Scrubbing Services: {On_Demand_Scrubbing_Services}
Network Segmentation: {Network_Segmentation}
Enhanced Monitoring: {Enhanced_Monitoring}
Incident 2: Data Breach
Incident Response Plan Activated: {Yes/No}
Third Party Assistance: {Yes/No}
Law Enforcement Notified: {Yes/No}
Containment Measures: {Containment_Measures}
Remediation Measures: {Remediation_Measures}
Recovery Measures: {Recovery_Measures}
Communication Strategy: {Communication_Strategy}
Adaptive Behavioral WAF: {Adaptive_Behavioral_WAF}
On-Demand Scrubbing Services: {On_Demand_Scrubbing_Services}
Network Segmentation: {Network_Segmentation}
Enhanced Monitoring: {Enhanced_Monitoring}
Incident Response Plan: The company's incident response plan is described as {description_of_incident_response_plan}.
Third-Party Assistance: The company involves third-party assistance in incident response through {description_of_third_party_involvement}.
Data Breach Information
Incident 2: Data Breach
Type of Data Compromised: {Type_of_Data}
Number of Records Exposed: {Number_of_Records}
Sensitivity of Data: {Sensitivity_of_Data}
Data Exfiltration: {Yes/No}
Data Encryption: {Yes/No}
File Types Exposed: {File_Types}
Personally Identifiable Information: {Yes/No}
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: {description_of_prevention_measures}.
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through {description_of_handling_process}.
Ransomware Information
Incident 1: Ransomware Attack
Ransom Demanded: {Ransom_Amount}
Ransom Paid: {Ransom_Paid}
Ransomware Strain: {Ransomware_Strain}
Data Encryption: {Yes/No}
Data Exfiltration: {Yes/No}
Ransom Payment Policy: The company's policy on paying ransoms in ransomware incidents is described as {description_of_ransom_payment_policy}.
Data Recovery from Ransomware: The company recovers data encrypted by ransomware through {description_of_data_recovery_process}.
Regulatory Compliance
Incident 1: Ransomware Attack
Regulations Violated: {Regulations_Violated}
Fines Imposed: {Fines_Imposed}
Legal Actions: {Legal_Actions}
Regulatory Notifications: {Regulatory_Notifications}
Incident 2: Data Breach
Regulations Violated: {Regulations_Violated}
Fines Imposed: {Fines_Imposed}
Legal Actions: {Legal_Actions}
Regulatory Notifications: {Regulatory_Notifications}
Regulatory Frameworks: The company complies with the following regulatory frameworks regarding cybersecurity: {list_of_regulatory_frameworks}.
Ensuring Regulatory Compliance: The company ensures compliance with regulatory requirements through {description_of_compliance_measures}.
Lessons Learned and Recommendations
Incident 1: Ransomware Attack
Lessons Learned: {Lessons_Learned}
Incident 2: Data Breach
Lessons Learned: {Lessons_Learned}
Incident 1: Ransomware Attack
Recommendations: {Recommendations}
Incident 2: Data Breach
Recommendations: {Recommendations}
Key Lessons Learned: The key lessons learned from past incidents are {list_of_key_lessons_learned}.
Implemented Recommendations: The company has implemented the following recommendations to improve cybersecurity: {list_of_implemented_recommendations}.
References
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at {list_of_additional_resources}.
Investigation Status
Incident 1: Ransomware Attack
Investigation Status: {Investigation_Status}
Incident 2: Data Breach
Investigation Status: {Investigation_Status}
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through {description_of_communication_process}.
Stakeholder and Customer Advisories
Incident 1: Ransomware Attack
Stakeholder Advisories: {Stakeholder_Advisories}
Customer Advisories: {Customer_Advisories}
Incident 2: Data Breach
Stakeholder Advisories: {Stakeholder_Advisories}
Customer Advisories: {Customer_Advisories}
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: {description_of_advisories_provided}.
Initial Access Broker
Incident 1: Ransomware Attack
Entry Point: {Entry_Point}
Reconnaissance Period: {Reconnaissance_Period}
Backdoors Established: {Backdoors_Established}
High Value Targets: {High_Value_Targets}
Data Sold on Dark Web: {Yes/No}
Incident 2: Data Breach
Entry Point: {Entry_Point}
Reconnaissance Period: {Reconnaissance_Period}
Backdoors Established: {Backdoors_Established}
High Value Targets: {High_Value_Targets}
Data Sold on Dark Web: {Yes/No}
Monitoring and Mitigation of Initial Access Brokers: The company monitors and mitigates the activities of initial access brokers through {description_of_monitoring_and_mitigation_measures}.
Post-Incident Analysis
Incident 1: Ransomware Attack
Root Causes: {Root_Causes}
Corrective Actions: {Corrective_Actions}
Incident 2: Data Breach
Root Causes: {Root_Causes}
Corrective Actions: {Corrective_Actions}
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as {description_of_post_incident_analysis_process}.
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: {list_of_corrective_actions_taken}.
Additional Questions
General Information
Ransom Payment History: The company has {paid/not_paid} ransoms in the past.
Last Ransom Demanded: The amount of the last ransom demanded was {last_ransom_amount}.
Last Attacking Group: The attacking group in the last incident was {last_attacking_group}.
Incident Details
Most Recent Incident Detected: The most recent incident detected was on {most_recent_incident_detected_date}.
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on {most_recent_incident_publicly_disclosed_date}.
Most Recent Incident Resolved: The most recent incident resolved was on {most_recent_incident_resolved_date}.
Impact of the Incidents
Highest Financial Loss: The highest financial loss from an incident was {highest_financial_loss}.
Most Significant Data Compromised: The most significant data compromised in an incident was {most_significant_data_compromised}.
Most Significant System Affected: The most significant system affected in an incident was {most_significant_system_affected}.
Response to the Incidents
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was {third_party_assistance_in_most_recent_incident}.
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident were {containment_measures_in_most_recent_incident}.
Data Breach Information
Most Sensitive Data Compromised: The most sensitive data compromised in a breach was {most_sensitive_data_compromised}.
Number of Records Exposed: The number of records exposed in the most significant breach was {number_of_records_exposed}.
Ransomware Information
Highest Ransom Demanded: The highest ransom demanded in a ransomware incident was {highest_ransom_demanded}.
Highest Ransom Paid: The highest ransom paid in a ransomware incident was {highest_ransom_paid}.
Regulatory Compliance
Highest Fine Imposed: The highest fine imposed for a regulatory violation was {highest_fine_imposed}.
Most Significant Legal Action: The most significant legal action taken for a regulatory violation was {most_significant_legal_action}.
Lessons Learned and Recommendations
Most Significant Lesson Learned: The most significant lesson learned from past incidents was {most_significant_lesson_learned}.
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was {most_significant_recommendation_implemented}.
References
Most Recent Source: The most recent source of information about an incident is {most_recent_source}.
Most Recent URL for Additional Resources: The most recent URL for additional resources on cybersecurity best practices is {most_recent_url}.
Investigation Status
Current Status of Most Recent Investigation: The current status of the most recent investigation is {current_status_of_most_recent_investigation}.
Stakeholder and Customer Advisories
Most Recent Stakeholder Advisory: The most recent stakeholder advisory issued was {most_recent_stakeholder_advisory}.
Most Recent Customer Advisory: The most recent customer advisory issued was {most_recent_customer_advisory}.
Initial Access Broker
Most Recent Entry Point: The most recent entry point used by an initial access broker was {most_recent_entry_point}.
Most Recent Reconnaissance Period: The most recent reconnaissance period for an incident was {most_recent_reconnaissance_period}.
Post-Incident Analysis
Most Significant Root Cause: The most significant root cause identified in post-incident analysis was {most_significant_root_cause}.
Most Significant Corrective Action: The most significant corrective action taken based on post-incident analysis was {most_significant_corrective_action}.
What Do We Measure?
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
