security

Personal info of 10.6M MGM hotel guests published on hacking forum – New York Post


The personal details of more than 10.6 million people who stayed at MGM Resorts hotels — including Justin Bieber and Twitter CEO Jack Dorsey — were published on a hacking forum this week, a report said Wednesday.

The leaked files included full names, home addresses, phone numbers, emails and birth dates for the former guests, according to technology news website ZDNet.

Celebrities, tech CEOs and government officials, including from the Department of Homeland Security and the Transportation Security Administration were among those affected, a security researcher from Under the Breach told the outlet.

These high-profile users now have a higher risk of receiving spear-phishing emails or being the victims of SIM swap scam, the expert said.

An MGM spokesperson confirmed the breach, telling the outlet the data was old and swiped during a security incident last year.

“Last summer, we discovered unauthorized access to a cloud server that contained a limited amount of information for certain previous guests of MGM Resorts,” the spokesperson said.

“We are confident that no financial, payment card or password data was involved in this matter.”

The hotel chain said it had notified all the impacted guests and conducted an internal investigation.

ZDNet said it called some of the affected guests and found that none of those who answered had stayed at the hotel past 2017.

Some phone numbers were disconnected but others were valid.

MGM didn’t immediately return a request from The Post.



READ SOURCE

Leave a Reply