MGM and Caesars casino giants breached: Okta reveals more companies targeted by hackers
Hackers breached the systems of casino giants MGM Resorts International and Caesars Entertainment, along with three other companies in manufacturing, retail, and technology, according to an anonymous security executive.
Highlights
- Okta has revealed that five of its clients, including MGM and Caesars, have been targeted by hacking groups known as ALPHV and Scattered Spider since August
- Hacking group ALPHV claimed the MGM hack on its website and threatened more attacks if no deal was made
- Google's Mandiant Intelligence said that Scattered Spider (UNC3944) is one of the most disruptive U.S. hacking groups
According to Reuters, the same hackers who have broken into the systems of casino giants like MGM Resorts International (MGM) and Caesars Entertainment over the past few weeks have also taken out three other companies, including one in manufacturing, one in retail, and one in technology, according to a security executive.
David Bradbury, the Chief Security Officer of identity management firm Okta, a company based in San Francisco that specialises in identity and access management, reported that five of Okta's clients, including MGM and Caesars, have been targeted by ALPHV and Scattered Spider, a hacker group, since August.
Recent hacks attention
Ransomware attacks have been on the rise in recent years, affecting a wide range of sectors from the healthcare industry to the telecommunications sector.
The market value of two of the biggest casino chains, MGM and Caesars, has fallen as a result of the cyber attacks, with MGM continuing to struggle with operational issues at its properties around the world.
In San Francisco, Okta, which has more than 17,000 customers around the world, provides identity services such as multifactor authentication (MFA) for online access.
Bradbury, a spokesperson for Okta, said the company issued an alert last month after identifying several breaches among its clients.
Hackers issued warning
Octa observed a concerning trend among its U.S. customers where hackers posed as employees of victim companies and convinced IT helpdesks to grant them duplicate access.
MGM has not provided detailed comments regarding the statement or the cyberattack, except to acknowledge a “cybersecurity issue”.
The financially stable hacking group ALPHV claimed responsibility for the MGM hack and issued a warning, threatening further attacks unless a deal is reached. The exact ransom amount is not revealed.
Scattered Spider (UNC3944), the hacker behind the attack
Scattered Spider and ALPHV seem to have been collaborating on the recent hacks, as indicated by security analysts' research.
Bradbury characterises their relationship as resembling that of business associates or affiliates.
Google's Mandiant Intelligence recently labeled Scattered Spider, also known as UNC3944, as one of the most disruptive hacking groups in the United States.
Bradbury notes that Mandiant's description of Scattered Spider's tactics aligns with what Okta observed during the recent cyberattacks.
Cybercity vigilance
Recent cyberattacks, such as those on MGM and Caesars, prompted Okta to disclose the escalating threat of impersonation-based breaches.
According to Bradbury, the collaboration between hacking groups Scattered Spider and ALPHV underscores the urgency for industry-wide cybersecurity vigilance.
