Personal data of 10.6 million MGM Resorts customers is shared online in a forum. This concerns data that were stolen in a hack last year, the hotel chain confirms. There are no credit card details.
According to ZDnet, the data was published this week on a popular hacker forum. This concerns data from a total of 10.6 million customers of MGM Resorts. The chain owns many major hotels in America, including MGM Grand, Bellagio and Mandalay Bay in Las Vegas.
The dataset contains names, address details, telephone numbers, e-mail addresses and dates of birth. Credit card information is missing, but the personal data can, for example, be misused for targeted phishing against celebrities, CEOs, journalists and government employees.
According to ZDnet, the dataset contains a lot of data from employees of large tech companies. CES, the world’s largest tech trade show, takes place annually in Las Vegas. Visitors and exhibitors of that fair usually stay in hotels in the city. The data set includes data from Twitter CEO Jack Dorsey and singer Justin Bieber.
ZDnet verified the data in collaboration with security service Under the Breach. MGM Resorts confirms to the site that the data has been stolen. According to the hotel chain, there was a hack last year and it concerns relatively old data. It would be customer data up to 2017 and the affected customers would have been notified last year.