MGM Grand Data Hack Underscores the Need for Cloud Security
Technology

MGM Grand Data Hack Underscores the Need for Cloud Security

|
On February 19, ZDNet reported that a hacking forum had published the personal details of 10.6 million people who had stayed at MGM Resorts hotels.

Does the MGM Grand data hack scare you? It should.

On February 19, ZDNet reported that a hacking forum had published the personal details of 10.6 million people who had stayed at MGM Resorts hotels. According to ZDNet, “Besides details for regular tourists and travelers, included in the leaked files are also personal and contact details for celebrities, tech CEOs, reporters, government officials, and employees at some of the world's largest tech companies.”

The details include full names, home addresses, phone numbers, emails, and dates of birth. According to MGM, no financial, payment card, or password data was involved. But the victims whose information was compromised face a higher risk of being subjected to scams such as spear-phishing emails, in which the hacker attempts to gain sensitive details or install malware on a computer through fraudulent emails that seem to come from someone known to the intended victim of the attempt.

How did this happen? MGM told ZDNet that during the summer of 2019, the hotel had discovered unauthorized access to a cloud server that contained the customer data. ZDNet says that hacker is believed to have an association, or be a member of GnosticPlayers, a hacking group that dumped more than one billion user records in 2019.

MGM is not alone. In the first half 2019 alone, cyber attacks on businesses rose by 39 percent over 2018, according to Net Scout. In addition, attacks are getting more sophisticated. From 2019 to 2023, $5.2 trillion in global value will be at risk from cyberattacks. No wonder cyber security is one of the Top 5 threats to economic growth, according to the 23rd Annual PwC Global CEO survey (as I blogged recently). These attacks not only cost money – they also create long-term damage to a business’s reputation.

I urge all business leaders to make security one of your top priorities. As our own CEO Don Scales wrote in Forbes last year, CEOs cannot afford to stand by and make cyber security someone else’s priority at their company. At a minimum, CEOs need to get a working vocabulary of the security threats that apply most to you, and you need to make it a top priority that everyone in your company undergoes training.

The fact is, managing cloud security is getting more and more challenging by the day. Hackers are constantly devising new ways to attack a business, making it necessary for businesses to manage security as a full-time process.

Contact Investis Digital

At Investis Digital, we have a practice that helps businesses safeguard their own digital infrastructures against cyber threats. It’s based on our own bullet-proof security measures. Check out our guide, A Rising Tide: An Overview of Securing Public Websites in the Cloud, for more insight into the steps we take to fight cyber threats.