MGM Resorts International Data Breach Investigation

Migliaccio & Rathod LLP is involved in the MGM Resorts International data breach investigation, for a cybersecurity incident affecting an unspecified number of individuals and their personal information. Personal information taken includes driver’s license information: name, contact information (such as phone number, email address, and postal address), gender, date of birth, and driver’s license number. For a limited number of customers, Social Security number and/or passport number was also affected.

At time of the incident, affected were MGM’s Las Vegas resorts including Aria, the Bellagio, Luxor, MGM Grand and Mandalay Bay. TechCrunch reported that additional regional resorts that are potentially affected include MGM Springfield in Massachusetts, MGM National Harbor in Maryland, and the Empire City Casino in New York.

MGM posted the following notification of the incident on Monday, September 11, 2023 via X (formerly Twitter).

MGM followed up with a notice on its website. The breach occurred between September 8, 2023- September 12, 2023.

In previous cybersecurity incidents and data breaches, victims have noticed identity theft attempts related to their personally identifiable information ranging from fraudulent charges on bank accounts or credit cards, to unauthorized credit card applications, to medical services or government services ordered in their name, to their information being posted on the dark web, to a massive uptick in the number of spam text messages, calls and emails received.

Have you experienced any issues with your personally identifiable information through MGM Resorts International or received a data breach letter, email, or other notice?

If you received such a notice, we would like to hear from you.  Please complete the contact form on this page, send us an email at [email protected], or give us a call at (202) 470-3520.

The lawyers at Migliaccio & Rathod LLP have years of experience in class action litigation against large corporations, including in cases involving data breaches such as this. More information about our current cases and investigations is available on our blog.


Posted Notice