Hacker stole personal data of 30 million guests of a large hotel chain


According to vpnMentor researchers, the data leak includes personal information of MGM customers. MGM Resorts International is a management company in the field of hotel business and gambling. The company owns 29 facilities, including the well-known Bellagio, MGM Grand, Luxor casinos in Las Vegas, as well as MGM Macau and MGM Cotai in the administrative region of China – Macau.

On July 14, 2020, an attacker under the pseudonym NightLion stole several databases from the leak monitoring site DataViper. One of the databases belonged to MGM Resorts and contained the personal data of 142 million customers. The stolen database was posted on Telegram for free download. On May 22, 2022, four archives with 8.7 GB of data were discovered. This leak could affect approximately about 30 million people.

According to vpnMentor researchers , the information includes the following data:

  • Full names
  • Dates of birth
  • Phone numbers
  • Email addresses

According to the hacker who published the data in Telegram, the leak contains 142,479,938 records. This is more than 24 million email addresses and more than 30 million contact numbers.

Now any attacker can use this data for fraud and launch phishing email campaigns. Since the stolen data is already 2 years old, victims may not expect hacking, which makes them more vulnerable to attacks.

Start a discussion …