Nevada Gaming Commissioner Brian Krolicki has called for a public update regarding the recent cybersecurity attacks on casino giants MGM Resorts International and Caesars Entertainment Inc.
During a commission meeting held on Thursday, Krolicki requested information on the cyberattack that afflicted MGM Resorts, starting on September 10, disrupting the company's computer systems for a period of nine days, Las Vegas Review-Journal reported. He also sought details on the late August attack on Caesars Entertainment, during which the company reportedly paid a multimillion-dollar ransom in a ransomware extortion scheme.
“Right now, the priority is just to recover and make sure that patrons are made whole and the systems are secure,” Krolicki said at the conclusion of the meeting, as per Review-Journal. “But I think at some point in time when there’s the energy and understanding of what just happened if we could get some kind of briefing on what’s transpired that’s appropriate for public record and perhaps a policy going forward.”
Both MGM and Caesars have been relatively reticent in sharing specific information about these separate incidents, believed to be orchestrated by two Eastern European hacker groups with ties to Russia.
MGM announced on Thursday that its credit card systems have been restored after several days of disruption. Concerns have arisen among customers who reported that clerks asked them to write down their credit card numbers for later processing. Some customers have reported that they have not yet seen charges made on their cards.
As per the Review-Journal report, a spokesperson for MGM clarified that during the period when the credit card system was offline, the company utilized a modified system reserved for such situations. Written names and numbers were secured, processed, and subsequently destroyed, according to the spokesperson. Delays in processing may have occurred due to the manual nature of these operations during the system outage.
There have also been scattered reports of guests canceling their stays at MGM properties out of concerns that the hack may have exposed their personal information to the public. MGM has not provided specific information regarding these cancellations or any other aspects of the cyberattack.
“How do we avoid these things if they do happen, what are the reporting schemes? Were they immediately reported to the Gaming Control Board? There are a lot of questions and a lot of publicity. It’s a global story and I just believe it would behoove all of us to get a handle on what just happened,” Krolicki was quoted as saying in the report.