In 2022, MGM Resorts International suffered a major cyber attack orchestrated by a 17-year-old hacker from Illinois, exploiting AI-driven social engineering and advanced hacking techniques. The breach caused an estimated **$200 million in damages**, disrupting operations, compromising customer and employee data, and severely impacting the company’s reputation. The attack led to system outages, financial losses, and potential long-term trust erosion among clients. The hacker leveraged AI tools to bypass security protocols, demonstrating how emerging technologies enable even inexperienced criminals to execute high-impact cyberattacks. The incident also highlighted vulnerabilities in Las Vegas’s casino industry, a prime target due to the vast amounts of personal and financial data collected. The case remains under legal review, with authorities debating whether to prosecute the minor as an adult, underscoring the escalating sophistication and audacity of cyber threats in critical sectors like hospitality and gaming.
Source: https://news3lv.com/news/local/ai-increasing-vulnerability-to-be-hacked
TPRM report: https://www.rankiteo.com/company/mgm-resorts-international
"id": "mgm0062100092525",
"linkid": "mgm-resorts-international",
"type": "Cyber Attack",
"date": "6/2022",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"{'affected_entities': [{'industry': 'Gaming & Entertainment',
'location': 'Las Vegas, Nevada, USA',
'name': 'MGM Resorts International',
'size': 'Large enterprise',
'type': 'Hospitality/Casino'},
{'industry': 'Gaming & Entertainment',
'location': 'Las Vegas, Nevada, USA',
'name': 'Caesars Entertainment',
'size': 'Large enterprise',
'type': 'Hospitality/Casino'},
{'location': 'Las Vegas, Nevada, USA (implied)',
'name': 'Unnamed clients in insurance, healthcare, '
'education, and manufacturing',
'type': ['Insurance',
'Healthcare',
'Education',
'Manufacturing']}],
'attack_vector': ['AI-driven voice cloning',
'deepfake video/zoom calls',
'social engineering',
'exploitation of cloud vulnerabilities',
'exploitation of publicly available personal data'],
'customer_advisories': 'Limited (some breaches not publicly disclosed)',
'data_breach': {'data_exfiltration': 'Likely (data sold on dark web implied)',
'personally_identifiable_information': 'Yes (voice '
'recordings, videos, '
'personal details)',
'sensitivity_of_data': 'High (personal data sold on black '
'market)',
'type_of_data_compromised': ['personal information',
'potentially financial data',
'employee records']},
'description': 'The advancement of artificial intelligence (AI) is enabling '
'cybercriminals to exploit businesses more efficiently, '
'particularly in Las Vegas, where personal data is a prime '
'target. Hackers leverage AI tools for social engineering, '
'voice cloning, and deepfake attacks to bypass security '
'measures. Notable breaches include MGM Resorts International '
'and Caesars Entertainment in 2021, resulting in $200 million '
'in damages for MGM. A 17-year-old hacker from Illinois was '
'arrested in connection with these attacks. Cybersecurity '
'expert Dasha Davies warns that adversarial nations like '
'China, Russia, and North Korea are training young hackers for '
'cyber espionage. Businesses are advised to avoid cloud '
'storage for critical data and update passwords regularly.',
'impact': {'brand_reputation_impact': 'High (MGM and Caesars breaches '
'publicly disclosed, unnamed breaches '
'in insurance, healthcare, education, '
'and manufacturing)',
'data_compromised': ['personal information',
'potentially payment data',
'employee/customer records'],
'financial_loss': '$200 million (MGM Resorts alone)',
'identity_theft_risk': 'High (personal data sold on black market)',
'legal_liabilities': 'Ongoing (17-year-old hacker facing '
'juvenile/adult court proceedings)',
'operational_impact': 'Significant (e.g., MGM Resorts disruption)',
'payment_information_risk': 'Likely (given targeting of casinos '
'and businesses with financial data)',
'revenue_loss': '$200 million (MGM Resorts)'},
'initial_access_broker': {'data_sold_on_dark_web': 'Yes (personal information '
'traded on black market)',
'entry_point': ['social engineering (voice cloning, '
'deepfakes)',
'exploiting publicly available data '
'(e.g., YouTube videos)',
'cloud misconfigurations'],
'high_value_targets': ['casinos (MGM, Caesars)',
'insurance, healthcare, '
'education, manufacturing '
'sectors']},
'investigation_status': "Ongoing (17-year-old hacker's case pending in "
'juvenile/adult court; unnamed breaches unreported)',
'lessons_learned': ['AI tools lower the barrier for cyberattacks, enabling '
'faster and more sophisticated breaches (e.g., voice '
'cloning, deepfakes).',
'Social engineering remains a critical vulnerability, '
'especially with publicly available data (e.g., YouTube '
'videos).',
'Cloud storage does not guarantee security and may '
'introduce additional risks if not properly managed.',
'Adversarial nations are systematically training young '
'hackers for cyber espionage against U.S. targets.',
'Password hygiene (e.g., changing passwords every 6 '
'months) is essential but insufficient alone to prevent '
'breaches.'],
'motivation': ['financial gain',
'cyber espionage',
'data theft for black market sales',
'disruption of U.S. businesses'],
'post_incident_analysis': {'corrective_actions': ['Transition critical data '
'from cloud to local '
'storage with enhanced '
'security.',
'Deploy advanced threat '
'detection for AI-generated '
'attacks (e.g., '
'voice/deepfake detection).',
'Strengthen password '
'policies and enforce MFA '
'across all systems.',
'Collaborate with law '
'enforcement and '
'cybersecurity firms (e.g., '
'Stealth ISS Group) for '
'proactive defense.'],
'root_causes': ['Over-reliance on cloud storage '
'without proper security controls.',
'Lack of user awareness about '
'AI-driven social engineering '
'tactics.',
'Insufficient protection for '
'publicly available personal data '
'(e.g., voice/video recordings).',
'State-sponsored training of young '
'hackers exacerbating the threat '
'landscape.']},
'ransomware': {'data_exfiltration': 'Likely (given $200M damage and data '
'theft focus)'},
'recommendations': ['Avoid storing critical data in the cloud; prefer local '
'storage for sensitive information.',
'Implement multi-factor authentication (MFA) and strict '
'access controls to mitigate social engineering risks.',
'Educate employees and users on AI-driven threats (e.g., '
'voice cloning, deepfake phishing).',
'Regularly update passwords and monitor for unauthorized '
'access, assuming breaches are inevitable.',
'Businesses should conduct frequent security audits to '
'identify and address gaps in defenses.',
'Enhance monitoring for unusual activity, especially in '
'high-risk industries (e.g., gaming, healthcare, '
'finance).'],
'references': [{'source': 'News 3 Las Vegas'},
{'source': 'Stealth ISS Group (Dasha Davies, President & '
'CISO)'}],
'regulatory_compliance': {'legal_actions': "Ongoing (17-year-old hacker's "
'case in court)'},
'response': {'communication_strategy': 'Limited (some breaches never made the '
'news)',
'incident_response_plan_activated': 'Likely (for MGM and '
'Caesars, given public '
'disclosure)',
'law_enforcement_notified': 'Yes (17-year-old hacker arrested; '
'case in juvenile court)',
'third_party_assistance': 'Stealth ISS Group (cybersecurity '
'consulting mentioned)'},
'threat_actor': ['17-year-old hacker from Illinois (arrested)',
'state-sponsored hackers (China, Russia, North Korea '
'implied)',
'young hackers (as young as 13–14, trained in cyber '
'academies)'],
'title': 'AI-Powered Cyberattacks Targeting Las Vegas Businesses, Including '
'MGM Resorts and Caesars Entertainment',
'type': ['cyber espionage',
'social engineering',
'data breach',
'ransomware (implied)',
'AI-powered attacks'],
'vulnerability_exploited': ['weak password policies',
'lack of multi-factor authentication (MFA)',
'cloud security misconfigurations',
'publicly exposed personal data (e.g., YouTube '
'videos)',
'insufficient user education on phishing/social '
'engineering']}