MGM Grand was hacked last year which led to the leakage of millions of customer records including their names, phone numbers, addresses, and dates of birth. Deep web vendors now suggest that the same data is now being dumped for Bitcoin or Monero.
Data of 142 million guests
The hackers are trying to sell customer data on the darknet markets for about $2,939. They will be accepting payments in either Bitcoin (BTC) or Monero (XMR) digital currencies. The data dump includes records of about 142 million guests at the hotel. The report was initially released on ZDnet and it was believed that data of 10 million guests in 2019 was compromised.
The sellers suggest that they have access to data of 142,479,937 guests of the MGM Grand hotel. A security group monitoring the data at the hotel suggests that the hackers are lying about the numbers. Vinny Troia, the founder of Night Lion Security said that their company does not own or manage the full database of MGM.
An MGM spokesperson said,
“MGM Resorts was aware of the scope of this previously reported incident from last summer and has already addressed the situation. The vast majority of data consisted of contact information like names, postal addresses, and email addresses.”
High profile names in the list
When the leak was initially reported, it was evident that data of some high-profile guests like Twitter founder Jack Dorsey and pop singer Justin Bieber could be available. The hackers published a free sample of their data dump on the Empire Market, where they are selling information. MGM has clarified that financial data like stay details, social security numbers, etc. were not taken during the hack.
The leak in data was first discovered in February last year. At the time intel firm KELA’s head of research Irina Nesterovsky said that the data was sold to “private hacking circles”. The data could be being sold in smaller parts for cryptocurrency. Another post about the MGM hack surfaced later which said that data of at least 200 million guests was at stake.