(Bloomberg) — MGM Resorts International has been saying its hotels and casinos are “operational” following a cyberattack over the weekend that appeared to take down everything from payment systems to sportsbooks.
Most Read from Bloomberg
Some of its patrons begged to differ.
Scanning a largely empty casino floor at the MGM Grand in Las Vegas on Tuesday, Marina Lopez said the hack has been a hassle. Restaurants were only taking cash, as was the poolside bar: She had to pay cash for a margarita the previous day. An even bigger annoyance greeted guests eager to try their hand at the slot machines. Many one-armed bandits, she said, weren’t working.
“People came to play, they couldn’t play and they left,” said Lopez, a hotel guest from Santa Cruz, California.
Days after the cyberattack on Las Vegas-based MGM, the fallout at its properties along the city’s famous strip varied from casino to casino. Sportsbooks were closed at the Cosmopolitan and MGM Grand. Several guests faced long waits to check in because staff was doing everything by hand, jotting down credit-card information on clipboards. Slot-machine attendants cashed out players the same way.
Many of the websites to MGM’s resorts, including the ones used to make reservations, remained down on Wednesday morning. The company was referring customers to third-party websites to make bookings.
Shares of MGM fell 1.7% to $41.99 Tuesday in New York. That’s on top of a 2.4% loss Monday. And they were were down even further in after-markets trading.
Still, more than half of the guests interviewed at the Cosmopolitan and the Bellagio, which seemed largely unaffected, weren’t aware of the hack. By midday Tuesday, credit cards were being accepted in at least some of MGM’s resorts.
Details of the attack remain scant, including who was behind it, their possible motive and the type of information the hackers may have obtained. The FBI office in Las Vegas was aware of the attack and assisting, an agency spokesperson said. MGM was also the victim of a 2019 data breach that exposed personal information on as many as 10.6 million customers.
MGM shut certain systems after discovering the attack over the weekend and began an investigation with the help of external cybersecurity experts, according to a statement posted on social media. By Monday evening, MGM was saying its resorts, including dining, entertainment and gaming, were “currently operational.”
Clearly not without some snags.
A waiter at the Cosmopolitan, who asked not to be identified, said credit-card payments were working, but online orders and communications between properties remained down.
Traffic at the MGM Grand was noticeably light. A number of slot machines weren’t functioning, and an ATM machine wasn’t providing cash advances.
Most Read from Bloomberg Businessweek
©2023 Bloomberg L.P.