Sign up for smart news, insights, and analysis on the biggest financial stories of the day.
MGM is letting the chips fall with cybersecurity.
After a cyber attack this weekend that knocked several important systems offline across the hospitality company’s Las Vegas properties, MGM on Wednesday filed an 8-K report with the SEC — a.k.a., a formal announcement of a major event that shareholders should know about. Fittingly, also on Wednesday, Moody’s said the cyber attack could lead to a credit ratings downgrade for MGM, something shareholders probably also would want to hear about.
Digital Poker
MGM resorts and casinos such as the Bellagio and the Cosmopolitan are really taking matters into their own hands, which may not be doing wonders for guest experiences. Check-ins with credit card payments are being conducted entirely by hand, according to Bloomberg’s on-the-scene reporting, while the MGM Grand’s sportsbook has been forced to close, slot machine players are being cashed out by in-person attendants, and restaurants and bars are only accepting cash — all while many on-site ATMs have been offline.
Unfortunately, the cyber attack shouldn’t exactly be surprising:
- In a recent report from cybersecurity ratings and analytics company BitSight, MGM scored an ‘F’ thanks to its poor patching cadence, or the speed at which it fixes known vulnerabilities.
- In 2020, a different cyber attack snatched the personal information of over 10 million guests who had stayed at MGM Resorts hotels, which were later published on an online hacking forum.
Moody’s on Wednesday said this week’s attack shows there wasn’t a Plan B. It said the breach “highlights key risks related to business operations’ heavy reliance on technology and the operational disruption caused when systems need go offline or are inoperable.” An FBI spokesperson told CNBC that the agency is aware of the attacks and is monitoring the “ongoing” situation, which we think is what they always say when something beats the heck out of them.
Just Under the Wire: MGM would’ve been forced to disclose way more information to the SEC if the attack had occurred a few months from now. That’s because starting next year, the SEC is implementing new rules requiring far more disclosure of cybersecurity risk and management strategies so that casino empires don’t gamble with our personal information.
Recent News
-
FCC Votes to Restore Net Neutrality
Photo by Internet Education Foundation via CC BY-SA 2.0 -
A Mercedes With Autonomous Driving Just Hit the US Market
Photo by Manuel Pappacena via Unsplash -
Struggling Diamond Giant De Beers Is Reportedly for Sale
Photo by Bas van den Eijkhof via Unsplash -
DeepMind Patent Adds to Robotic AI Ambitions
Photo via U.S. Patent and Trademark Office -
Gucci’s China Problem Is Testing Investors’ Patience
Photo by Do Nhu via Unsplash -
Business Groups Sue FTC Over New Noncompete Regulations
Photo by Ian Hutchinson via Unsplash -
UK’s Octopus Energy Invests in US Offshore Wind Startup
Photo by Mmatsuura via CC0 1.0 -
Nvidia Patent Details Adaptable Conversational AI Models
Photo via U.S. Patent and Trademark Office -
Humane’s Latest Patent Makes the AI Pin Ambidextrous
Photo via U.S. Patent and Trademark Office -
Apple’s iPhone Is Getting Crowded Out of the Chinese Market
Photo by Melvin Loi via CC BY-SA 2.0
