Investigation uncovers perpetrator of Las Vegas casino data breach

In September 2023, MGM Resorts, one of the world's largest casino and hospitality operators, suffered a cyberattack that paralyzed its operations for nearly a week. The incident affected some of Las Vegas' most iconic casinos, including the Bellagio, the Cosmopolitan, and Mandalay Bay, as well as other MGM-owned resorts in the United States.After detecting the unauthorized access, the company activated its security protocols, temporarily suspended operations of the affected system, and began working with authorities to contain the attack and assess its scope.

During the security breach, customers were affected by a number of issues, including malfunctioning slot machines, ATMs, digital cards, electronic payment systems, and online reservations. In some cases, MGM had to resort to traditional methods, such as pen and paper, to process transactions. In 2024, MGM Resorts publicly confirmed that customer data, such as names, contact information, dates of birth, and driver's license numbers, had been accessed.

In the early stages of the investigation into the incident, both authorities and cybersecurity investigators attributed the attack to the cybercriminal group Scattered Spider, as it had claimed responsibility for a ransomware attack on Caesars, another famous Las Vegas casino, around the same time.

However, detectives recently identified a teenager as a suspect in the case. On September 17, 2025, the minor suspect turned himself in to the Clark County Juvenile Detention Center, where he was charged with several crimes, including extortion, conspiracy, and obtaining and using personal information from third parties for the purpose of harm or impersonation.