MGM Resorts International is expecting to take a more than $100m hit stemming from September’s cyberattack that caused much disruption at a number of the company’s properties.
In a regulatory filing, the operator noted that it anticipated a negative impact of approximately $100m to adjusted property EBITDA across Las Vegas strip resorts and regional operations.
In addition, $10m in one-time expenses have also been incurred during the third quarter. These relate to tech consulting services, legal fees and expenses of other third party advisors.
This stems from a cybersecurity issue affecting some of the properties systems on September 11, 2023, which was detected by the company towards the end of last month.
However, in a fresh update, the group has noted a belief that the unauthorised third-party activity is contained at this time. It is also thought that The Cosmopolitan of Las Vegas systems or data were not accessed.
It has been found that the criminal enterprise obtained personal information for some customers, including name, contact information, such as phone number, email address and postal address, gender, date of birth and driver’s licence numbers. For a limited number of customers, social security numbers and passport numbers were also gained.
However, it is added that the company does not believe that customer passwords, bank account numbers or payment card information were obtained.
“The company continues to focus on restoring the remaining impacted guest-facing systems and the company anticipates that these systems will be restored in the coming days,” the filing noted.
“The company believes that the operational disruption experienced at its affected properties during the month of September will have a negative impact on its third quarter 2023 results, predominantly in its Las Vegas operations, and a minimal impact during the fourth quarter.”
Despite this, the casino and entertainment operator does not expect that this cyberattack will have a material effect on its financial condition and results of operations for the year.
A belief of a strong fourth quarter of the year is aligned to the impending Formula 1 Las Vegas Grand Prix, which will take place on Sunday 19 November.
September also saw Caesars Entertainment acknowledge the recent detection of “suspicious activity in its information technology network”. It was reported that the firm paid approximately half of a $30m ransom demand.
