Data breach lawsuit against MGM blames fear of bad publicity

(Photo: Tip Kilby from Pixabay)
(Photo: Tip Kilby from Pixabay)

MGM Resorts International customers who allege the company allowed their data to be breached by hackers are suing the company in federal court.

In a class-action lawsuit, MGM Resorts International is being sued for a data breach that landed personal information for close to 11 million individuals in the hands of hackers and on a public website.

The breach, acknowledged by MGM to customers last year, took place in the summer of 2019, according to the suit.

“MGM has indicated that, on or about September 5, 2019, it notified affected customers that their PII [personally identifiable information] had been exfiltrated, but assured them that ‘there is no evidence that your information has been misused,'” the suit says.

“Seeking to avoid additional negative publicity on the heels of the mass shooting that occurred 8 months earlier, MGM avoided bringing the matter to public light, hoping that the Breach and its inadequate cyber security practices would go unnoticed,” the suit incorrectly alleges. The shooting massacre on the Las Vegas Strip took place on October 1, 2017, not eight months before the breach in the summer of 2019.

“Unfortunately, the miscreants that took and/or acquired the sensitive PII had other plans, and on February 19, 2020, internet technology publication ZDNet revealed that the personally identifiable information of more than 10.6 million MGM hotel guests had been posted on a popular internet hacking forum, available for misuse by a host of bad actors,” according to the lawsuit.

“The Data Breach was a direct result of Defendant’s failure to implement adequate and reasonable cyber-security procedures and protocols necessary to protect customer PII,” the suit says.

“We will continue to hold companies accountable for the harm they cause in people’s lives until they start treating consumers’ data with the care it deserves,” plaintiffs’ attorneys John Morgan and John Yachunis said in a statement to the Current.

MGM Resorts International did not immediately respond to requests for comment, but has told other media outlets the breached data amounts to information such as names and addresses commonly found in phone directories.

Dana Gentry
Reporter | Dana Gentry is a native Las Vegan and award-winning investigative journalist. She is a graduate of Bishop Gorman High School and holds a Bachelor's degree in Communications from the University of Nevada, Las Vegas. Gentry began her career in broadcasting as an intern at Channel 8, KLAS-TV. She later became a reporter at Channel 8, working with Las Vegas TV news legends Bob Stoldal and the late Ned Day. Gentry left her reporting job in 1985 to focus on motherhood. She returned to TV news in 2001 to launch "Face to Face with Jon Ralston" and the weekly business programs In Business Las Vegas and Vegas Inc, which she co-anchored with Jeff Gillan. Dana has four adult children, a grandson, three dogs, three cats and a cockatoo named Casper.