MGM Resorts has agreed to pay $45 million in a settlement with the Federal Trade Commission (FTC) following a major data breach in 2023 that exposed personal information belonging to 37 million customers.
The agreement brings an end to the FTC’s legal action. Those affected by the breach have been notified by email and can now submit claims for compensation. Payments vary depending on the type of information compromised. Customers whose Social Security numbers were exposed can apply for $75. Those whose passport or driver’s license numbers were compromised are eligible for $50. If only an address and date of birth were leaked, the payout is $20.
Claimants must use the unique ID and PIN provided in the email to file. MGM is also offering one year of free credit monitoring to those who qualify. The deadline for filing is June 3.
The cyberattack took place in October 2023, when a group known as Scattered Spider infiltrated systems at both Caesars Entertainment and MGM Resorts. Caesars reportedly paid $30 million to avoid a major disruption. MGM, however, refused to pay the ransom. The hackers responded by shutting down slot machines, hotel systems, and other operations tied to the company’s internal networks.
The outage affected MGM casinos across the country. For several days, the business was running without key digital infrastructure. CEO Bill Hornbuckle recalled the extent of the disruption, saying, “We found ourselves in an environment where for the next four or five days, with 36,000 hotel rooms and some regional properties, we were completely in the dark. Literally, the telephones, the casino system, the hotel system – and I could go on and on and on – were not functioning. And so… you put the company to the test.”
The company eventually restored its systems after widespread reformatting and server replacements. In a filing with the Securities and Exchange Commission, MGM said the breach caused around $100 million in losses.
Before the settlement, the FTC had demanded extensive documentation from MGM, including details on past security incidents, identity theft protections, and procedures. MGM pushed back with a lawsuit challenging the commission’s request. The new agreement ends that legal dispute.
The data breach and settlement add to the list of disruptions hitting the corporate world amid broader global instability. On the same week the FTC settlement was announced, markets around the world reacted to trade tensions, with Asian stocks down by as much as 10% and Bitcoin falling below $77,000. The crypto market saw additional declines, with Ethereum and XRP dropping more than 15%.
The post MGM Ends FTC Dispute With Multimillion Dollar Payout appeared first on iGaming.org.