In September last year, MGM Resorts became victim of a cyberattack where they had to close down their computers for 10 days. It got so bad that pen and paper had to be used for some transactions! They had current backups, so they were able to reinstall the data that had been stolen, and didn’t need to pay the ransom. However, the resulting losses are reportedly around $100 million and phenomenal disruption was caused to customers and staff. 

We must view this as yet another warning to continue focusing on the strength of our own cybersecurity and resilience. Below we draw lessons from the MGM Resorts incident and outline practical steps you can take to bolster your organisation’s cybersecurity defences. 

Social engineering 

Highly sophisticated social engineering tactics were employed by cybercriminals, exploiting human vulnerabilities. It is understood that hackers identified an MGM IT Support employee on LinkedIn and made a call to the helpdesk. Using a technique known as ‘vishing’ or voice phishing, they were able to use impersonation skills to trick the staff member. Apparently, the attack took no more than 10 minutes! Personal data of customers, including names, contact information, and even social security numbers, were compromised.  

Key lessons for businesses 

Recognise the threat of social engineering 

Social engineering was a critical factor in the MGM breach where hackers manipulated employees into divulging confidential information. 

Train your staff regularly on how to recognise and respond to social engineering attempts, such as phishing emails or suspicious phone calls. 

Multi-Factor Authentication (MFA) 

Despite the use of MFA, the attackers were able to bypass defences. 

Ensure MFA is in place for all critical systems but also understand its limitations. Regularly review and update security protocols to address emerging threats. 

Regular cybersecurity audits 

Regular audits can identify vulnerabilities before they are exploited – conduct these thoroughly and diarise them to ensure they are always carried out. Not sure what you need to do? We can carry these out for you. 

Rapid response and recovery plans 

Their response included shutting down systems and notifying affected customers. 

Develop and regularly update your incident response plan, much the same as a fire safety plan. Ensure it includes steps for containment, eradication, recovery, and communication with stakeholders. 

Data encryption and secure storage 

While MGM’s critical financial data was not reportedly breached, the incident highlights the need for robust data protection. 

Encrypt sensitive data and implement secure data storage practices. 

Insurance and liability 

Cyber insurance can mitigate financial losses due to breaches. 

Review your cyber insurance coverage to ensure it aligns with your risk profile and the evolving cyber threat environment. 

Legal compliance and reporting 

MGM complied with legal requirements in their response. 

Stay informed about legal obligations related to data breaches, including notification requirements. 


The MGM Resorts cyber breach serves as a potent reminder of the critical importance of rigorous cybersecurity and a response plan. At Net Primates we are committed to helping you understand and implement robust cybersecurity measures and understand what you need to be prepared for. It’s not just about the technology; it’s about encouraging a culture of security awareness and preparedness. By learning from incidents like MGM’s, we can better protect our businesses and customers from the ever-present and growing threat of cyberattacks. 

For advice and solutions to enhance your business’s cybersecurity defences, don’t hesitate to get in touch. Let’s work together to safeguard your digital assets against future threats.