Listen To Article
Authorities have arrested a 17-year-old male in Walsall, England, on suspicion of involvement in a ransomware attack that disrupted operations at MGM Resorts in Las Vegas last year.
The West Midlands Police Department confirmed the arrest, noting the teenager is suspected of blackmail and violating the UK’s Computer Misuse Act. He has been released on bail.
The arrest followed a joint investigation involving the UK’s National Crime Agency and the FBI. Police recovered several digital devices from the suspect’s home, which are currently undergoing forensic examination. Authorities have linked the teenager to a global cybercrime group but did not specify which group.
The ALPHV/BlackCat ransomware group has claimed responsibility for the attack on MGM Resorts, which occurred on 12 September 2023. The group reportedly executed the attack by making a phone call to an MGM Help Desk employee, using information sourced from LinkedIn. This led to a nine-day system shutdown across MGM Resorts’ properties on the Las Vegas Strip.
The ALPHV group stated on social media platform X: “All ALPHV ransomware group did to compromise MGM Resorts was hop on LinkedIn, find an employee, then call the Help Desk.”
The cyberattack caused significant disruptions, impacting operations across all MGM Resorts casinos on the Las Vegas Strip. In a related incident, Caesars Entertainment was also targeted by a different hacking group around the same time. Caesars reportedly paid tens of millions of dollars to the hackers to prevent the release of private company data.
Last month, MGM Resorts entered a partnership with Playtech to offer live casino content from its Las Vegas properties. This collaboration aims to stream live casino games, including roulette and baccarat, from the MGM Grand and Bellagio Resort & Casino, branded as ‘MGM Live’, This content will be available for licensing in regulated markets worldwide, excluding the US.