To Our Valued Customers:
As previously reported, sophisticated criminal actors recently launched a cyberattack on MGM Resorts’ IT systems. We responded swiftly, shut down our systems to mitigate risk to customer information, and began a thorough investigation of the attack, including coordinating with federal law enforcement agencies and working with external cybersecurity experts. While we experienced disruptions at some of our properties, operations at our affected properties have returned to normal, and the vast majority of our systems have been restored. We also believe that this attack is contained.
The Impact of the Attack
We have determined that because of our fast, early response, the incident did not result in a compromise of any customer bank account numbers or payment card information.
We do understand that the criminal actors obtained certain personal information belonging to some customers who transacted with us prior to March 2019. This includes name, contact information, gender, date of birth, and driver’s license number. The types of impacted information varied by individual. We also believe a more limited number of Social Security numbers and passport numbers were obtained. We have no evidence that the criminal actors have used this data to commit identity theft or account fraud.
Steps We’re Taking to Help
Protecting your personal information is a responsibility we take extremely seriously.
As part of our remediation efforts, we have rebuilt, restored, and further strengthened portions of our IT environment. We will offer free identity protection and credit monitoring services to individuals who receive an email from us indicating that their information was impacted. We have also established a dedicated call center that can be reached at 800-621-9437 toll-free Monday through Friday from 8 am – 10 pm Central, or Saturday and Sunday from 10 am – 7 pm Central (excluding major U.S. holidays). Please reference engagement number B105892 when calling. The Company also has set up a webpage at www.mgmresorts.com/importantinformation.
I’m grateful to our employees for their resilience and dedication during this time. On behalf of everyone at MGM Resorts, I wish to also thank our customers for their loyalty and patience as we worked through this complex matter.
We regret this outcome and sincerely apologize to those impacted. Your trust is paramount to us.
We look forward to welcoming you and continuing to deliver the world-class entertainment experiences you expect from us.
It is truly our pleasure to serve you.
CEO and President
Cautionary Statement Concerning Forward-Looking Statements
Statements in this letter that are not historical facts are forward-looking statements within the meaning of the Private Securities Litigation Reform Act of 1995. These forward-looking statements are based on management’s current expectations and are subject to risks, uncertainties, and other important factors that could cause actual results to differ materially from those expressed or implied in the forward-looking statements. Examples of such factors include, but are not limited to, the scope of personal information that was accessed or obtained by the unauthorized third party and the efficacy of the measures that the Company is implementing to further enhance its system safeguards. Additional risks, uncertainties and other important factors are described in the Company’s filings with the Securities and Exchange Commission (the “SEC”), including the Company’s Form 10-K filed with the SEC on February 24, 2023. The Company is not undertaking any duty or obligation to update the forward-looking statements publicly as a result of new information, future events or otherwise, except as required by law. If the Company does update one or more forward-looking statements, no inference should be drawn that the Company will make additional updates with respect thereto or with respect to other forward-looking statements.