MGM Resorts, a leading player in the hotel and casino industry, has agreed to a $45 million settlement to resolve over a dozen class action lawsuits. These legal actions stem from two major data breaches that compromised the personal information of millions of customers.

Details of the Settlement

The settlement agreement, submitted to court on January 21 as reported by The Record, awaits a ruling by a Las Vegas federal court on June 18. The settlement addresses the repercussions of breaches that occurred in 2019 and 2023, affecting over 37 million customers.

Background on the Data Breaches

In 2019, hackers accessed MGM Resorts' databases, extracting sensitive data including customer names, addresses, and phone numbers. The breach was confirmed in 2020 after the stolen data appeared on a cybercrime forum. The 2023 incident involved a ransomware attack, severely impacting MGM's Las Vegas Strip properties, such as Bellagio and Aria. The attack led to operational disruptions lasting weeks and resulted in thefts of Social Security and passport numbers. The financial damage from this breach exceeded $100 million for MGM.

Impact on Affected Customers

Although MGM has not disclosed the exact number of affected individuals, it is reported that more than 37 million customers were impacted. - Under the settlement, affected customers may receive compensation up to $75, determined by the specific nature of the stolen data. Approximately 30% of the settlement fund is allocated for attorney fees. MGM Resorts has not provided comments on the settlements or the breaches.

The link has been copied!