Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

NightLion hacker is selling details of 142 million MGM Resorts hotel guests

The MGM Resorts 2019 data breach is much larger than initially thought, a hacker is offering for sale details of 142 million MGM hotel guests on the dark web. Bad news for the guests of the MGM Resorts, the 2019 data breach suffered by the company is much larger than initially reported. A credible actor […]

MGM Resorts

The MGM Resorts 2019 data breach is much larger than initially thought, a hacker is offering for sale details of 142 million MGM hotel guests on the dark web.

Bad news for the guests of the MGM Resorts, the 2019 data breach suffered by the company is much larger than initially reported.

A credible actor is selling details of 142 million MGM hotel guests on the dark web, the news was reported in exclusive by ZDNet.

In February, ZDNet revealed in exclusive that the personal details of more than 10.6 million users who stayed at MGM Resorts hotels have been published on a hacking forum this week.

The list of customers whose data were stolen includes celebrities, tech CEOs, reporters (i.e. Twitter CEO Jack Dorsey, Justin Bieber), government officials, and employees at some of the major tech companies.

The huge trove of data contains personal details for 10,683,188 former hotel guests, including full names, home addresses, phone numbers, emails, and dates of birth.

MGM Resorts Dump (source ZDNet)

At the time, ZDNet validated the authenticity of the data contacting past guests of the hotel, including international business travelers, reporters attending tech conferences and CEOs attending business meetings.

“The new finding came to light over the weekend after a hacker put up for sale the hotel’s data in an ad published on a dark web cybercrime marketplace.” reported ZDNet.

The hacker is attempting to sell the huge trove of data, details for 142,479,937 MGM hotel guests, for over $2,900.

The hacker claims to have obtained the database from the hack of the DataViper monitoring service operated by the security firm Night Lion Security. However, the company denies having had the full MGM database in its archives and insists that someone is attempting to ruin the reputation of the cybersecurity firm.

In February, the MGM Resorts chain confirmed it already notified all impacted hotel guests and reported the incident to the authorities.

According to MGM Resorts, the data was old, none of the customers in the archive stayed at the hotel past 2017. The company excluded that hackers have stolen financial and payment card data or passwords.

ZDNet speculates the MGM data breach could be even bigger than the 142 million, some posts on Russian-speaking hacking forums were advertising MGM dump containing details on more than 200 million hotel guests.

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, data breach)

[adrotate banner=”5″]

[adrotate banner=”13″]