After the announcement of the breach in the summer of 2020, MGM thought things couldn’t get any worse. But, it seems as though things just might have… 


MGM Grand

A recent discovery by researchers indicates that over 142 million guest records from the MGM Grand are currently for sale, online. Thus, indicating that the data breach from summer 2019 is an even bigger problem than originally imagined. 

To begin, back in the summer of 2019, the MGM Grand Hotel located in Las Vegas, Nevada faced a data breach. It wasn’t until February 2020, that the hotel announced the breach to the public. 

In a previous article written by CPG, we discussed the breach and those affected. 


The personal information of over 10 million guests of the MGM was breached. Continuing, the cloud server storing such information was accessed by unauthorized personnel. Then, uploaded and leaked to an online hacking forum.


Overall, once the hotel announced the breach, they also revealed that they would continue to investigate the breach as well as work with cyber forensic companies. 

But today, researchers revealed that due to the hack back in the summer of 2019, not all ends were tied up or resolved. 


The 2020 Perspective

Over the weekend, a hacker put up over 142 million MGM Grand customer accounts for sale on the Dark Web. 

According to ZDnet, the hacker was able to obtain the information after breaching DataViper. DataViper is a security monitoring service owned by Night Lion Security

The claims and stories surrounding this attack go on and on. Some insiders claim that this data set had been circulating for sale since July of 2019. 

Overall, the hotel is once again trying to get a handle on the situation. Some researchers think that the scope of 142 million doesn’t cover all the stolen credentials. Who knows, maybe in a few more months, we will see even more breached data for sale. 

If or when this does happen, stay tuned to CPG. We are always covering the latest hacks and cyber attacks. 


By Taylor Ritchey