Skip to main content

MGM Resorts Incident Shows How Cyberattacks Impact Digital Performance and the Business

Pete Goldin
Editor and Publisher
APMdigest

On September 10, MGM Resorts experienced what it called a "cybersecurity issue" that had a major impact on the company's systems, showing how cyberattacks can bring down applications, ultimately causing problems for a company in many ways.

According to Forbes, "The attack left hotel guests locked out of their rooms for hours and unable to use their digital key cards to charge goods and services. Eventually, the hotels resorted to manual processes and transactions."


The attack was first noticed by MGM Resorts on the evening of September 10. About 24 hours later the casinos were operational but the reservation systems was still down.

The company's website was also offline for at least 2 days.


In addition, the cyberattack impacted the MGM Rewards App and gaming on the casino floors. Las Vegas TV station KTNV reported, "Multiple gaming machines, including slot machines, have also gone offline due to the cybersecurity issue."

MGM Resorts has not yet disclosed which specific systems were impacted, and some of the downtime could be a result of the company shutting down its own systems to protect them, but the end result is still a disaster for the company. This attack shows how pervasive a cyberattack can be throughout a business operation.

In the latest episode of the Cybersecurity Awesomeness Podcast on DEVOPSdigest, Rick Sturm, CEO and Founder of Enterprise Management Associates (EMA) gave a stern warning to companies of all sizes. While speaking not specifically about MGM Resorts but more about cybersecurity in general, he said, "This stuff is rooted, to some extent, in corporate greed. Where management is always an afterthought, and security is even worse than that, it's way, way down. And we can save gazillions of dollars by connecting to the ... Internet, and security be damned, nobody will try to get in. And besides, we've got a couple firewalls. That should do it, right? No, it's not right ... We are seeing this over and over and over, and yet organizations are not taking the precautions that they need to. They take the quick and easy fix — they think. And ultimately, if you are connected to the Internet, you will be hacked, whether you're large or small."

On the podcast, Shamus McGillicuddy, VP of Research, Network Infrastructure and Operations, at EMA added, "From the perspective of the network engineering team, it points to the fact that people don't have a lot of control over what's happening within their network. They don't see what's happening. It's about access control and segmentation. Like limiting lateral movement. Having a lot granular control over who can talk to what inside inside your network, and being able to understand if some kind of anomaly is popping up in terms of connections and communication. It requires a lot of manual heavy lifting from a network engineering team to be able to lock things down completely. And no one does it. As Rick was saying, part of it's greed, like no one wants to spend the money on it. Part of it is they don't have the tools to do it. And another part of it is they don't have the people to do it … It's a problem that needs to be solved."

Listen to Episode 27 of the Cybersecurity Awesomeness Podcast for more of EMA's take on the MGM Resorts cyberattack.

Click here for a direct MP3 download of Episode 27

Pete Goldin is Editor and Publisher of APMdigest

The Latest

According to Auvik's 2025 IT Trends Report, 60% of IT professionals feel at least moderately burned out on the job, with 43% stating that their workload is contributing to work stress. At the same time, many IT professionals are naming AI and machine learning as key areas they'd most like to upskill ...

Businesses that face downtime or outages risk financial and reputational damage, as well as reducing partner, shareholder, and customer trust. One of the major challenges that enterprises face is implementing a robust business continuity plan. What's the solution? The answer may lie in disaster recovery tactics such as truly immutable storage and regular disaster recovery testing ...

IT spending is expected to jump nearly 10% in 2025, and organizations are now facing pressure to manage costs without slowing down critical functions like observability. To meet the challenge, leaders are turning to smarter, more cost effective business strategies. Enter stage right: OpenTelemetry, the missing piece of the puzzle that is no longer just an option but rather a strategic advantage ...

Amidst the threat of cyberhacks and data breaches, companies install several security measures to keep their business safely afloat. These measures aim to protect businesses, employees, and crucial data. Yet, employees perceive them as burdensome. Frustrated with complex logins, slow access, and constant security checks, workers decide to completely bypass all security set-ups ...

Image
Cloudbrink's Personal SASE services provide last-mile acceleration and reduction in latency

In MEAN TIME TO INSIGHT Episode 13, Shamus McGillicuddy, VP of Research, Network Infrastructure and Operations, at EMA discusses hybrid multi-cloud networking strategy ... 

In high-traffic environments, the sheer volume and unpredictable nature of network incidents can quickly overwhelm even the most skilled teams, hindering their ability to react swiftly and effectively, potentially impacting service availability and overall business performance. This is where closed-loop remediation comes into the picture: an IT management concept designed to address the escalating complexity of modern networks ...

In 2025, enterprise workflows are undergoing a seismic shift. Propelled by breakthroughs in generative AI (GenAI), large language models (LLMs), and natural language processing (NLP), a new paradigm is emerging — agentic AI. This technology is not just automating tasks; it's reimagining how organizations make decisions, engage customers, and operate at scale ...

In the early days of the cloud revolution, business leaders perceived cloud services as a means of sidelining IT organizations. IT was too slow, too expensive, or incapable of supporting new technologies. With a team of developers, line of business managers could deploy new applications and services in the cloud. IT has been fighting to retake control ever since. Today, IT is back in the driver's seat, according to new research by Enterprise Management Associates (EMA) ...

In today's fast-paced and increasingly complex network environments, Network Operations Centers (NOCs) are the backbone of ensuring continuous uptime, smooth service delivery, and rapid issue resolution. However, the challenges faced by NOC teams are only growing. In a recent study, 78% state network complexity has grown significantly over the last few years while 84% regularly learn about network issues from users. It is imperative we adopt a new approach to managing today's network experiences ...

Image
Broadcom

From growing reliance on FinOps teams to the increasing attention on artificial intelligence (AI), and software licensing, the Flexera 2025 State of the Cloud Report digs into how organizations are improving cloud spend efficiency, while tackling the complexities of emerging technologies ...

MGM Resorts Incident Shows How Cyberattacks Impact Digital Performance and the Business

Pete Goldin
Editor and Publisher
APMdigest

On September 10, MGM Resorts experienced what it called a "cybersecurity issue" that had a major impact on the company's systems, showing how cyberattacks can bring down applications, ultimately causing problems for a company in many ways.

According to Forbes, "The attack left hotel guests locked out of their rooms for hours and unable to use their digital key cards to charge goods and services. Eventually, the hotels resorted to manual processes and transactions."


The attack was first noticed by MGM Resorts on the evening of September 10. About 24 hours later the casinos were operational but the reservation systems was still down.

The company's website was also offline for at least 2 days.


In addition, the cyberattack impacted the MGM Rewards App and gaming on the casino floors. Las Vegas TV station KTNV reported, "Multiple gaming machines, including slot machines, have also gone offline due to the cybersecurity issue."

MGM Resorts has not yet disclosed which specific systems were impacted, and some of the downtime could be a result of the company shutting down its own systems to protect them, but the end result is still a disaster for the company. This attack shows how pervasive a cyberattack can be throughout a business operation.

In the latest episode of the Cybersecurity Awesomeness Podcast on DEVOPSdigest, Rick Sturm, CEO and Founder of Enterprise Management Associates (EMA) gave a stern warning to companies of all sizes. While speaking not specifically about MGM Resorts but more about cybersecurity in general, he said, "This stuff is rooted, to some extent, in corporate greed. Where management is always an afterthought, and security is even worse than that, it's way, way down. And we can save gazillions of dollars by connecting to the ... Internet, and security be damned, nobody will try to get in. And besides, we've got a couple firewalls. That should do it, right? No, it's not right ... We are seeing this over and over and over, and yet organizations are not taking the precautions that they need to. They take the quick and easy fix — they think. And ultimately, if you are connected to the Internet, you will be hacked, whether you're large or small."

On the podcast, Shamus McGillicuddy, VP of Research, Network Infrastructure and Operations, at EMA added, "From the perspective of the network engineering team, it points to the fact that people don't have a lot of control over what's happening within their network. They don't see what's happening. It's about access control and segmentation. Like limiting lateral movement. Having a lot granular control over who can talk to what inside inside your network, and being able to understand if some kind of anomaly is popping up in terms of connections and communication. It requires a lot of manual heavy lifting from a network engineering team to be able to lock things down completely. And no one does it. As Rick was saying, part of it's greed, like no one wants to spend the money on it. Part of it is they don't have the tools to do it. And another part of it is they don't have the people to do it … It's a problem that needs to be solved."

Listen to Episode 27 of the Cybersecurity Awesomeness Podcast for more of EMA's take on the MGM Resorts cyberattack.

Click here for a direct MP3 download of Episode 27

Pete Goldin is Editor and Publisher of APMdigest

The Latest

According to Auvik's 2025 IT Trends Report, 60% of IT professionals feel at least moderately burned out on the job, with 43% stating that their workload is contributing to work stress. At the same time, many IT professionals are naming AI and machine learning as key areas they'd most like to upskill ...

Businesses that face downtime or outages risk financial and reputational damage, as well as reducing partner, shareholder, and customer trust. One of the major challenges that enterprises face is implementing a robust business continuity plan. What's the solution? The answer may lie in disaster recovery tactics such as truly immutable storage and regular disaster recovery testing ...

IT spending is expected to jump nearly 10% in 2025, and organizations are now facing pressure to manage costs without slowing down critical functions like observability. To meet the challenge, leaders are turning to smarter, more cost effective business strategies. Enter stage right: OpenTelemetry, the missing piece of the puzzle that is no longer just an option but rather a strategic advantage ...

Amidst the threat of cyberhacks and data breaches, companies install several security measures to keep their business safely afloat. These measures aim to protect businesses, employees, and crucial data. Yet, employees perceive them as burdensome. Frustrated with complex logins, slow access, and constant security checks, workers decide to completely bypass all security set-ups ...

Image
Cloudbrink's Personal SASE services provide last-mile acceleration and reduction in latency

In MEAN TIME TO INSIGHT Episode 13, Shamus McGillicuddy, VP of Research, Network Infrastructure and Operations, at EMA discusses hybrid multi-cloud networking strategy ... 

In high-traffic environments, the sheer volume and unpredictable nature of network incidents can quickly overwhelm even the most skilled teams, hindering their ability to react swiftly and effectively, potentially impacting service availability and overall business performance. This is where closed-loop remediation comes into the picture: an IT management concept designed to address the escalating complexity of modern networks ...

In 2025, enterprise workflows are undergoing a seismic shift. Propelled by breakthroughs in generative AI (GenAI), large language models (LLMs), and natural language processing (NLP), a new paradigm is emerging — agentic AI. This technology is not just automating tasks; it's reimagining how organizations make decisions, engage customers, and operate at scale ...

In the early days of the cloud revolution, business leaders perceived cloud services as a means of sidelining IT organizations. IT was too slow, too expensive, or incapable of supporting new technologies. With a team of developers, line of business managers could deploy new applications and services in the cloud. IT has been fighting to retake control ever since. Today, IT is back in the driver's seat, according to new research by Enterprise Management Associates (EMA) ...

In today's fast-paced and increasingly complex network environments, Network Operations Centers (NOCs) are the backbone of ensuring continuous uptime, smooth service delivery, and rapid issue resolution. However, the challenges faced by NOC teams are only growing. In a recent study, 78% state network complexity has grown significantly over the last few years while 84% regularly learn about network issues from users. It is imperative we adopt a new approach to managing today's network experiences ...

Image
Broadcom

From growing reliance on FinOps teams to the increasing attention on artificial intelligence (AI), and software licensing, the Flexera 2025 State of the Cloud Report digs into how organizations are improving cloud spend efficiency, while tackling the complexities of emerging technologies ...