Leaked info includes names, addresses, and phone numbers.
MGM Resorts has acknowledged that personal information of about 10.7 million hotel guests was published on a hacking forum earlier this week. The data exposure was confirmed to ZDNet by MGM Resorts on Wednesday. Included in the data were full names, phone numbers, addresses, emails and dates of birth.
ZDNet confirmed the data’s accuracy by reaching out to some customers whose information was published on the hacking forum.
The data was accessed via a security incident in 2019, an MGM Resorts spokesperson told ZDNet, during which all affected customers were notified.
“Last summer, we discovered unauthorized access to a cloud server that contained a limited amount of information for certain previous guests,” the hotel chain told ZDNet, adding that no financial or credit card data leaked.
MGM Resorts told ZDNet it has since improved its network security. Its hotels include the Bellagio, Aria, MGM Grand, Mandalay Bay, Park MGM, Mirage, New York New York, Luxor and Excalibur in Las Vegas.
Reichert, Corinne. (19 February 2020). MGM Resorts confirms data breach of 10.7 million guests. CNET.