MGM Resorts says all its hotels and casinos are now “operating normally” in the wake of last week’s debilitating cyberattack – but some MGM workers say behind the scenes tells quite a different story of massive amounts of lost employee data and an employer keeping them in the dark.
The Las Vegas-based mega hospitality group released several statements Wednesday on its website touting its recovery after a nearly 10-day ransomware attack that began last Monday.
The attack forced the company to shut down network systems, debilitating hotel and gambling operations at more than a dozen MGM resorts on the Vegas strip and several others located in the US.
In its latest update, also posted on X (formally known as Twitter), MGM states, “We are pleased that all our hotels and casinos are operating normally. Our amazing employees are ready to help guests with any intermittent issues.”
The company also addressed some issues with MGM rewards members missing points, saying that accounts will be adjusted at a later date.
An earlier statement Wednesday reminded guests that “resort services, dining, entertainment, pools, and spas” were back up and running, as well as gaming floors, table games, and poker rooms.
The MGM rewards app, all MGM brand websites, ATMs, credit card machines, slot machines, check-in systems, and digital guest room keys were completely inoperable for most of last week, expected to cost the company unprecedented financial losses.
That's besides a tarnished reputation on social media as post after post showed hours-long lines at the front desks at all MGM hotels and slot machines flashing errors on casino floors.
"Our slot machine ticket-in/ticket-out systems are back up and running, and our casino cashiers and slot guest service representatives are happy to help guests who may experience intermittent issues," the MGM statements said.
Guests are also able to make dining and spa reservations through the website and the rewards app, it said.
Not everything is as it seems
Although gaming floors are open and ATMs are working, hotel cashiers are still unable to offer cash advance or check cashing on Wednesday. MGM said.
MGM digital room keys and mobile app check-in were also still unavailable, forcing the front desk to continue issuing physical keys to guests.
Last week, guests complained about a room key free for all, with keys unlocking multiple rooms and elevators. This allowed guests to access every floor in the hotel and created a security nightmare.
As rumors of the hotel possibly not being able to make payroll last week surfaced on social media,
MGM employees are also breaking their silence about the chaos happening behind closed doors.
Las Vegas content creator and X user @JacobsVegasLife recently posted, "The situation for MGM Employees is worse than most of us realize."
“It's not just our work schedule,” one alleged MGM employee wrote in a private message the social media influencer posted on X. The worker accused MGM of “caring more about slots and ATMs working.”
“Its anything to do with being an employee at MGM,” they wrote.
“No schedule...no vacation (PTO) hours… All info pertaining to my 401… Time card and tokes made… Attendance points.”
“They hacked into our entire employment info. My social, my husband and kids' socials, all my bank info. We have gotten ZERO answers about anything,” the worker stated.
MGM, so far, has not provided any information about what information was compromised in the hack or how much sensitive data may have been stolen by the attackers.
Even more proof that the resort is being forced to revamp its entire system in the wake of the attack is this ad placed by MGM for a "Red Hat Linux System Admin willing to work 10 hours per day 7 days a week to completely rebuild its IT environment," as posted by X user @LasVegasLocally.
Fellow resort conglomerate Caesars Entertainment was also reportedly hit by the same attackers that week. Still, rumors say Casears decided to quietly pay a purported $15M ransom to keep its operations afloat.
Known ransomware gang Scattered Spider has laid claim to the attacks, which security insiders say were carried out using targeted but simple social engineering tactics the group is known for successfully using against its targets.
Scattered Spider is a known affiliate of the infamous ALPHV/BlackCat ransomware gang. The gang recently posted a lengthy description of the MGM attack on its ALPHV’s dark web blog.
MGM has also not commented on whether a ransom was paid to either hacker group.