In 2019 it is reported a data breach of MGM Resorts, however, it seems that it is much more serious than I thought. Now, the personal data of the guests are sold on the Dark Web.
Violation of privacy
For those who have never heard of MGM Resorts, is a u.s. company in hospitality and entertainment, which operates in different destinations as Las Vegas, Detroit, New Jersey, among others.
However, last year we reported a possible leak of private data of its guests. The issue now is that it seems that the leak was much more severe than they thought.
142 million of personal data in the Dark Web
It was recently reported that the researchers found 142 million of personal information of former guests of the hotel chain MGM Resorts for sale on the Dark Web.
“Currently, a hacker is selling details of 142 million guests from hotels MGM in a market of cybercrime on the Dark Web,” noted the Tweet from Catalin Cimpanu.
To be more specific, according to the report published by ZDNet, they found a announced where they sell 142.479.937 details of the guests “MGM Grand hotel” for a price strangely specific $2.939.
Also, it is important to note that the payment information is held in Bitcoin or Monero, both cryptocurrencies commonly used in the Dark Web.
You are probably asking yourself: “How this was possible?”. It turns out that the hacker seems to have informed that he got the data from the guests of the hotel after violating DataViper, a service of monitoring of data leakage, operated by Night Lion Security.
However, according to a report from ZDNet, the Night Lion Security ensures never having had a copy of the database of clients from MGM. Therefore, the firm alleges that the hackers want to ruin the reputation of the company with the chain of hotels.
The main concern at the moment is that there is the possibility of obtaining a larger amount of data than the one we know now.
That is to say, that the hackers could have more of what 142 million of data that are currently sold on the Dark Web. And, the main reason for which we do not know the magnitude of the event is because MGM has not offered more details.
In fact, it was in February of this year that it was learned that the gap had occurred and it was not thanks to the chain of hotels. The information was given to know then that you will find yourself on a forum of hackers a free download of 10.6 million data of guests of the hotel.
Subsequently, MGM admitted it suffered a security breach, however, never pointed out the magnitude of the same.
The MGM Resorts ensures that affected customers were notified of the event. In addition, the stolen information does not include financial information or identification numbers, or social security.
The news comes as a reminder of the amount of private information that offer day-to-day. Not to mention how easy it seems to be a steal.