Hacking a website might not seem like a pretty big deal nowadays with the vast leaps in espionage technology and the general demeanor that the general public seems to carry around. Recently, the MGM resort group reported that they had a potential third party backdoor entry that distributed personal data of their guests.
A report quotes that data loss for guests numbering in millions, 10.6 million to be exact.
The hack gained access to the data of the guests that were camped in the resort last summer. The hack was further exposed by ZDNet on Wednesday, which said that the stolen information was posted on a thread that usually caters to leaked information. The leaked data exposes the names, addresses, and passport numbers of the former guests.
MGM in a press release quoted that no financial data was exposed. Furthermore, MGM claims that it is impossible to actually pinpoint the number of people that were affected by the breach as the data seems to be duplicated.
“Last summer, we discovered unauthorized access to a cloud server that contained a limited amount of information for certain previous guests of MGM Resorts. We are confident that no financial, payment card or password data was involved in this matter,” a spokesperson for MGM Resorts said.
However, recent reports suggest that big names such as Justin Bieber and Twitter founder Jack Dorsey were the people that were affected. MGM did not adhere to this.
MGM further claims that most of the data stolen was “phonebook information”, information that is already publicly available. However, a further 1,300 guests were informed that more sensitive data including passport numbers were revealed. A further 52,000 customers were told that less sensitive personal data was exposed.
Notably, by law, MGM is bound to notify the customers who were exposed to the breach.