Days before MGM’s (NYSE:MGM) computer systems were taken down in a cyberattack, casino operator Caesars (NASDAQ:CZR) paid out a ransom worth $15 million to a cybercrime group that managed to infiltrate and disrupt its systems
Reports are circulating that the cybercrime group has made a ransom demand to MGM as well.
There have now been two highly disruptive attacks on the gaming industry in a matter of weeks. Caesars reported its incident in a U.S. Securities and Exchange Commission filing Thursday morning. The 8-K report, similar to one filed by MGM Resorts on Wednesday, acknowledges the hack as a material event.
The cybercrime group demanded a $30-million ransom from Caesars, but the company ultimately agreed to pay about half that, sources said. The costs will be partially mitigated by Caesars’ cyber insurance policies.
But Caesars does not anticipate the ransom payment or fallout will have a material effect on the company’s bottom line, according to the filing.
Bloomberg previously reported the ransom and that the same group is behind the attacks on both companies. The group, known as UNC3944 or Roasted 0ktapus, was also linked to the MGM attack by vx-underground, a widely followed cybersecurity researcher on X, formerly known as Twitter. Security researchers have connected the group to attacks on other companies, including Cloudflare (NYSE:NET), Okta (NASDAQ:OKTA) and Twilio (NYSE:TWLO).
Shares in CZR sank 35 cents to $53.22, while those for MGM demurred 48 cents, or 1.1%, to $41.09.
