Justin Bieber and Twitter CEO Jack Dorsey are among 10MILLION MGM Resorts guests whose addresses, phone numbers and emails have been leaked online by hackers
- A breach in July of 2019 saw personal information of guests posted online
- It is unclear whether it applied to a specific hotel or all of MGM’s resorts
- The stars’ addresses, phone numbers and dates of birth were accessed
- No financial data or passwords were compromised, the company said
- MGM was made aware of the leak and informed its guests in August 2019
- The data was dumped on a popular hacking forum this week but has now been removed
More than ten million former guests of MGM Resorts had their personal data stolen and posted online this week by hackers as part of a huge data breach.
A report found personal information belonging to Justin Bieber, Twitter CEO Jack Dorsey and a number of government officials among those on the site.
The leak happened last summer and saw home addresses, phone numbers, emails and dates of birth exposed.
Information was not previously available to the public but appeared on a hacker forum earlier this week.
No financial, payment card or password data was involved in the incident and the guests affected were notified, according to the statement.
It is unclear if the breach applies to just one hotel or several in the company’s portfolio.
MGM Resorts, which has resorts in Detroit, Mississippi, Maryland, and New Jersey as well as the famous Bellagio, Mandalay Bay, MGM Grand and The Mirage, confirmed the breach in statement.
MGM Resorts, which has resorts in Detroit, Mississippi, Maryland, and New Jersey as well as the famous Bellagio, Mandalay Bay, MGM Grand and The Mirage, confirmed the breach in statement
The leak happened last summer and saw home addresses, phone numbers, emails and dates of birth exposed, including of Justin Bieber (pictured). Information was not previously available to the public but appeared on a hacker forum earlier this week
‘Last summer, we discovered unauthorised access to a cloud server that contained a limited amount of information for certain previous guests of MGM Resorts’, a company spokesman said.
Technology site ZDNet first reported the breach and recruited a cyber-security expert to confirm the findings.
Journalists at the digital news site reached out to former guests to confirm their details matched what was found online.
Jake Moore, Cybersecurity Specialist at ESET, told MailOnline: ‘This sort of data is a honey pot for cyber criminals.
‘When personal information such as this is leaked it becomes very sought-after, especially when it includes contact details for a number of high profile users such as celebrities.
‘All the users on this list should now be concerned about the increased risk of further attacks such as targeted phishing emails, or worse still, falling victim to SIM swapping.
‘This is when cyber criminals use social engineering to manipulate mobile network providers into porting your phone number to a new SIM.
‘Attackers can then change two-factor authentication (2FA) codes and get into online accounts bypassing passwords.’
More than ten million customers of MGM Resorts had their personal data posted online as part of a huge data breach. A report found information belonging to Justin Bieber, Twitter CEO Jack Dorsey and a number of government officials on the site
After successfully verifying the information, MGM was made aware of the breach.
MGM then confirmed the data, and customers were reportedly notified in August 2019.
The information was not made public until this week, when the personal information 10,683,188 former hotel guests was posted on a popular hacking forum.
A spokesperson said in a statement: ‘Last summer, we discovered unauthorised access to a cloud server that contained a limited amount of information for certain previous guests of MGM Resorts.
‘We are confident that no financial, payment card or password data was involved in this matter.
‘MGM Resorts promptly notified guests potentially impacted by this incident in accordance with applicable state laws.’