MGM Hotel Hack Leaves 10.6M Guests’ Personal Data Exposed

10.6 million people who had stayed at MGM Resorts have had their personal data published on a hacking forum, it was revealed this week. It is thought that the recent breach stems from an earlier incident which occurred last year, whereby unauthorised actors were able to access MGM’s internal cloud and therefore the personal information of previous guests. The biggest concern in the MGM disclosure is that hackers stole deeper, more sensitive data on 1300 individuals, including information off driver’s licenses and military D cards.

While it is too early to speculate, there is the possibility the theft that appears to have impacted 11 million customers is a diversion for a specific, strategic attack to access information on influencers in government, law enforcement, politics and the public and private sector. That’s not to say that the larger set isn’t suffering but rather that their suffering is a callous digital ‘collateral damage’ covering the more focused and motivated compromise like an assassin throwing a grenade into a crowd on a busy street to cover their true intention.

Source: itsecurityguru.org