MGM Resorts Hit by Cyberattack Using Vishing Scam for Login Credentials
-
MGM Resorts was hit by a cyberattack that shut down many of its systems, including hotel room keys and slot machines.
-
A group called Scattered Spider is believed responsible, using ransomware from BlackCat. They specialize in "vishing" - phishing via phone calls.
-
Scattered Spider allegedly called MGM's IT desk posing as an employee to get login credentials. They encrypted data and are demanding payment to release it.
-
Vishing is effective because it's easy and uses publicly available info to impersonate targets. MGM may not have had proper verification procedures.
-
Customers should check bank statements for fraud, be wary of emails claiming to be MGM, and consider freezing credit to prevent identity theft.