Confirmed: MGM Resorts Hack Much Bigger Than Reported

Our sources don’t always get it right, but an industry insider hit this one out of the park: An MGM Resorts data breach initially said to have involved 10 million customers actually affected at least 142 million. has confirmed “exclusively” what we shared back in February 2020: The official number of customer records breached was vastly inaccurate, and not in a good way.

While CDNet’s story says 142 million records are for sale on the dark Web, our source puts the number of stolen records closer to 200 million.

MGM Resorts hack

Dear hackers, please leave Las Vegas alone. We have enough problems.

CDNet’s story included, “Posts on Russian-speaking hacking forums promoted the MGM data breach as containing details on more than 200 million hotel guests.”

On the bright side, if there is one, the breached records had limited MGM Resorts customer data: Names, addresses, phone numbers and, in limited cases, dates of birth and drivers license numbers.

No financial data was leaked.

Our source provided lots of information which hasn’t been reported elsewhere or confirmed by MGM Resorts.

The source says the stolen data in question had no information beyond 2017.

The source also claims the hackers had ties to Iran.

There were also some technical aspects of the breach which we have no clue about: The data was compromised via “SQL tables” posted “in the Cloud” within AWS (Amazon Web Services). Basically, “production data” stored in a development environment.

Both the MGM Resorts player database (PATRON) and hotel database (OPERA) were compromised, according to our source.

Our source says MGM Resorts paid “hundreds of thousands of dollars” to attempt to buy back the data, but it was leaked, anyway.

Astonishingly, the hacker trying to sell the stolen data is offering it for a paltry $2,939.

MGM Resorts claims it “has already addressed the situation.”

That sounds like an apology to us, so it’s all good!

5 thoughts on “Confirmed: MGM Resorts Hack Much Bigger Than Reported

  1. Mark A. Erichson

    I’m no techie, but I don’t know how MGM could feel confident about “buying back” the stolen info. Surely, they could pay for a copy of it. But if I were the hacker, I would have made duplicates to sell to other parties.

  2. Giselle Johnson

    That’s why I’m receiving all these scam calls. MGM needs to be more careful with my information. I’m constantly checking my credit. Hopeffully they won’t use my info to get anything.

  3. Chalcice

    If they are saying 200 million, it coul even be higher. It is scary how technology is controlling us. Today on the news some country is trying to hack into the Virus website to see the formula that is being used to develop a vaccine.


Leave a Reply

Your email address will not be published. Required fields are marked *