Following what was apparently a cyber security threat on Monday, the MGM Grand Detroit casino has all of its slot machines and gaming tables open, but a few gaming features are not available to customers.
According to the information desk staff at MGM Grand Detroit, customers cannot use free play, cannot get cash advances or use ATMs, and they cannot write checks.
Any gaming-related account service that requires an internet connection seems to be unavailable or limited at this time.
An employee in one of the restaurants at the hotel told PlayMichigan that “some point-of-sale activity has been impacted” as well.
MGM Grand Detroit remains open
The MGM Grand Detroit did not close on Monday following what was reportedly a serious threat of a cyber breach. For several hours, the casino/hotel was unavailable via email or phone, and the MGM Grand Detroit website is still not functioning. Emails to press relations staff at MGM Grand Detroit on Monday and Tuesday have gone unanswered.
The security issue was reportedly due to a cyber security vulnerability which impacted a software system related to communications and gaming technology. As a result, at least two other casinos, one in Las Vegas, the other in New Jersey, experienced downtime and shut off communications and/or limited slot play. In that case, it’s possible the cyber threat was coordinated nationwide to impact that software system, or was hidden inside the software.
Investigation into the cyber attack ongoing
MGM Grand Detroit has more than 2,800 slot machines and 150 gaming tables. It’s poker room has 13 tables. The venue is owned and operated by MGM Resorts, which also operates resorts around the U.S. and other countries. It’s headquarters are located in Las Vegas. The company issued a statement on Monday regarding the threat:
“MGM Resorts recently identified a cybersecurity issue affecting some of the company’s systems. Promptly after detecting the issue, we quickly began an investigation with assistance from leading external cybersecurity experts. We also notified law enforcement and took prompt action to protect our systems and data, including shutting down certain systems.
“Our investigation is ongoing, and we are working diligently to determine the nature and scope of the matter.
The threat to security in the Detroit casino comes after a ransomware attack earlier this year on 14 Gateway-operated casinos in Ontario. Those casinos were closed for two weeks.
In addition, in August, an employee at Four Winds Casino in Hartford, CT alleges that an individual hacked the phone system and placed a call that led her to remove $700,000 in cash from the cash room.
MGM hackers also hacked Caesars
The cybersecurity issue at MGM Grand Detroit is due to a ransomware attack by a hacker group known as Scattered Spider, or UNC3944. That group also targeted computer systems at Caesars casinos weeks ago, according to Bloomberg.
Whether the hacker group is demanding a ransom from MGM Resorts is unknown, but that nefarious group has been successful in securing payments in the past. In 2022, the FBI revealed that Scattered Spider had attacked as many as 60 companies.
Caesars Entertainment, Inc., facing the possibility of having data stolen or destroyed, reportedly paid tens of millions to the group earlier this summer in a breach.
The Caesars attack has only now been revealed, and details should be forthcoming when that company files a report with a regulatory committee.
According to Fortune, the hacker group Scattered Spider is also called “Roasted 0ktapus,” and consists of people from the US and United Kingdom, some allegedly as young as 19 years old.
A ransomware attack aims to threaten destruction of a network or computer files, or to share sensitive data, unless a ransom is paid to the hacking group. Scattered Spider has been known to coordinate with ALPHV, another hacking organization that has been known to share its methods publicly to encourage a proliferation of attacks.