MGM, Caesars File SEC Disclosures on Cybersecurity Incidents

Pursuant to new regulation, both gaming companies reported recent cyber incidents to the SEC.

MGM Resorts and Caesars Entertainment have both filed required disclosures of cyber incidents to the Security and Exchange Commission (SEC) following ransomware attacks on their casino empires.
The
SEC passed new rules last March
requiring publicly traded companies to report material cybersecurity incidents to the regulator within four days.
Caesars SEC filing,
dated Sept. 14, acknowledges an unauthorized actor exfiltrated a copy of the companys loyalty program database on Sept. 7, which included sensitive data like Social Security and drivers license numbers on a significant number of members.
Information provided by
MGM Resorts is its own SEC report,
dated Sept. 13, is more scarce. The hospitality company only reiterated its previous press release from Sept. 12 saying it has identified a cybersecurity issue and an investigation is ongoing.
Unlike MGM Resorts, which days later is still experiencing system outages, Caesars reported to the SEC, Our customer-facing operations, including our physical properties and our online and mobile gaming applications, have not been impacted by this incident and continue without disruption.
Caesars also seems to refer to
reports of a ransom payment
in its SEC disclosure:
We have incurred, and may continue to incur, certain expenses related to this attack, including expenses to respond to, remediate and investigate this matter, Caesars said in its filing. The full scope of the costs and related impacts of this incident, including the extent to which these costs will be offset by our cybersecurity insurance or potential indemnification claims against third parties, has not been determined.
MGM declined to provide any additional details on the Sept. 10 cyberattack on its systems, however, those familiar with the incidents say the threat group Scattered Spider is behind both the MGM Resorts International system outages, as well as the Caesars breach just days before.
The SEC also declined to comment on the disclosure filings.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
MGM, Caesars File SEC Disclosures on Cybersecurity Incidents