Hackers have tapped a database from the MGM Resorts hotel chain and published data from over 10 million guests – including names and passport numbers.
MGM Partially Informs Those Affected
The BBC also reports that MGM has already informed some of those affected. Less sensitive data of almost 50.000 people are said to have been accessible. Guests had to be informed that their ID card number had been taken. However, that is only a fraction of the more than 10 million guests – what is with their data remains unclear.
E-Mail Addresses And Other Information Can Be Used For Phishing Attacks
MGM declares that it has acted in accordance with the laws of the respective US states. Some do not require customers to be informed when their data is tapped. Even without account or payment data, e-mail addresses and other information can be used for phishing attacks or other attacks.
MGM operates numerous hotels in the United States, including many on the famous in Las Vegas. The chain is also represented in China and Dubai.
A similar incident occurred 2 years ago at a subsidiary of the Marriott hotel chain, which in turn includes several brands. There were even 500 million hotel guests affected – and the payment details were stolen. At that time it was said that there was unauthorized network access. Marriott had announced that they would investigate the incident thoroughly.
According to a report by the US technology portal, the data includes not only the names of the guests, but also the telephone and passport numbers, email addresses and birthday. The US magazine was able to view and check the data according to its own information. Payment information was not included. MGM Resorts has confirmed the incident, the hackers are said to have extracted the data via a cloud service. The explanation is not more specific.