Personal data of MGM Resorts customers leaked on Telegram for free. 142 million records exposed

This weekend, vpnMentor researchers identified in Telegram 4 storage files with a total of 8.7 GB of information belonging to customers of MGM Resorts International, a hotel and entertainment company. Although the exact number of people affected has not been confirmed, specialists estimate that the leak is made up of at least 30 million individual records.

This information would have been taken from other data breach incidents, specifically two data breaches detected a couple years ago. 10 million records posted on a hacking forum in 2020 and 142 million more exposed months later are now together available on the messaging platform.

The compromised records date back to 2017 and include sensitive details such as:

Full namesAddressesEmail addressesTelephone numbersDates of birth

As in any phishing incident, threat actors could use the compromised information for the deployment of phishing campaigns, SIM swap, identity fraud and other attack variants against the millions of affected customers. In addition, cybercriminals can easily identify older adults, who are especially vulnerable to these types of attacks.

However, because the exposed data does not appear to be up to date, the security risk is reduced. At the time of the original leaks, this data was on sale for at least $2,900 USD; that they are now available for free seems to confirm that the information is of no value or interest to hacking groups.

Although considered a low-security risk, MGM customers are advised to take steps to prevent an attempted attack; resetting

Read more

Explore the site

More from the blog

Latest News