A Telegram feed disclosed stolen customer records from MGM Resorts by threat actors. This is an update released on the MGM Resorts breach that was first reported in July 2019.
This article provides additional details on the size of the breach and the types of information that were exposed. reference (1)
About the breach
In July 2019, MGM Resorts International reported a data breach of one of their cloud services that exposed the information of guests staying at their resort locations prior to 2017. On May 22, 2022, an internet research team found the full data set from this breach posted for free online, exposing 142 million records and almost 25 million critical identifying information from individuals.
What information was exposed?
- Email addresses
- Phone numbers
- Dates of birth
- Physical Addresses
What should you do to protect yourself?
If you were an MGM Resorts customer prior to 2017, you may want to take the following steps to protect your information and help guard against fraud:
1. Consider getting insurance coverage from all credit bureaus including placing a fraud alert on your file for verification, and request a freeze on your credit file.
2. Ignore any suspicious emails, texts, or phone calls as it may be bad actors attempting to defraud you.
3. Though no passwords were exposed, you may want to update the passwords on your email account and any other accounts where you use your email address to log in.
4. Check with your financial institutions and make sure your information is up to date. Requests your bank to implement branch visits when changing critical data – especially information you think may be vulnerable after this breach.
As the researchers noted: “Bad actors could send phishing messages and scams to exposed users via SMS and email, using the victims’ full names and home or business addresses to build trust.”
Last Updated on 06/07/2022 by Emmanuel Motelin