UPDATED 20:58 EST / MAY 24 2022

SECURITY

142M stolen MGM Resorts records publicly shared on Telegram

Some 142 million records relating to MGM Resorts International hotel guests have been publicly shared on Telegram.

Discovered by researchers at vpnMentor and revealed May 22, the four archive files totaled 8.7 gigabytes of data. Although there were 142 million records in total, the number of affected customers is believed to be around 30 million.

The stolen data includes full names, postal addresses, email addresses, phone numbers, dates of birth, email addresses and in some cases, passport and driver’s license numbers.

That data dates back to a breach initially reported to include 10.6 million records that occurred in 2019 but was first reported in February 2020. The records included government officials, chief executive officers and others, notable among them, then Twitter Inc. CEO Jack Dorsey and singer Justin Bieber. MGM Resorts confirmed the breach at the time, with some suggesting that the company had failed to secure a cloud-hosted database adequately.

Forward to July 2020 and the number of records blew out to 142 million. A hacker known as NightLion listed the 142 million MGM hotel guest records for sale at a price of $2,900 on a hacking forum.

NightLion claimed to have obtained the MGM Resort data as part of a hack of billions of records from cyberthreat intelligence and breach database company DataViper. Company founder Vinny Troia denied the hack at the time, claiming that the hacker only obtained access to a test instance.

Nearly two years later, it’s not clear where the data came from other than it exists. What is being offered on Telegram appears to be the same database offered by NightLion for sale on the now-defunct RaidForums hacking forum.

What is of interest is how Telegram is becoming more popular as a way for hackers to communicate and share information about data breaches. The vpnMentor researchers note that Telegram’s use of encryption and some anonymity, combined with ease of use, make it the perfect platform for hackers to post data breaches.

On the MGM Resort data, the researchers also warned that although the breach is now two years old, bad actors could still send phishing messages and scams to exposed users via SMS.

Photo: Zereshk/Wikimedia Commons

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU