MGM-Grand Las Vegas

Were You and Justin Bieber in this Data Breach?

It took almost a year for them to acknowledge the data breach but one of the most famous names in the hotel industry has revealed that it was struck by a massive data breach and while the hotel is remaining silent about the severity, separately, experts claim that 10.6 million consumers were exposed.

MGM Resorts International 10.6 Million Customer Data Breach

With very little information coming out so far from the hotel, data breach research company Under the Breach claims that names, email addresses, phone numbers and physical mailing addresses of customers including many high profile people such as pop star Justin Bieber and Jack Dorsey the chief executive of Twitter were part of the data breach. Twitter declined to comment to the New York Times when asked for a comment.

MGM Downplays Breach Severity

In an unusual move, MGM Resorts appears to be tamping down the story revealing few details about the breach. Compliance laws will naturally compel them to notify the individuals exposed but today, most organizations tell the media general information such as the number of people affected, the types of data exposed and sometimes the way in which the information was exposed and what has been done to prevent the hack from occurring again in the future. MGM is taking a different approach.

MGM is referring to the exposed information as “phone book information” an apparent information to the name, phone number and physical address information that twenty years ago would have been commonly found in the phone book for most people. Of course, private email addresses, to say nothing of phone numbers would not be in any phone book and many people were and currently are unlisted so this obvious attempt at “spin” is not going to play well with many people.

Some More Sensitive Personal Info Exposed

Beyond “phone book information” MGM admitted that some people had their driver’s licenses, passports, military ID and other information exposed. In fact, it is often the case that the true extent of the exposure in terms of the range of data fields exposed and the number of people more broadly exposed is often difficult to accurately measure. Databases change over time as consumers and their information is updated. Plus, as we have seen before, hackers often lurk in a database for months and slowly leak data out of the organization to avoid drawing attention to themselves.

What Can You Do?

Last year it was revealed that Marriott hotels had one of the largest data breaches in history exposing 500 million hotel guests. At the time we discussed the danger of hotel data breaches because of the large amount of sensitive information hotels keep such as travel documents and government-issued identification. Become a Free Basic MyProfyle member today and learn more about risk factors like these so that you can take the appropriate steps to protect yourself and approve of reject use of your identity.


New York Times

Did You Find This Post Interesting?

Join our email list to get the latest blog posts sent to you