MGM Begins Paying Out After Big Data Breach Deal

MGM Resorts International has started to pay people affected by two major cyber attacks, after wrapping up a $45 million class-action settlement in January. These payments mark the end of a long legal battle stemming from breaches that exposed personal information of millions of customers.

Cyberattacks Cost MGM Millions and Exposed Data of 37M People

The deal, finalized this year, settles claims related to security failures in 2019 and 2023. Court documents show that hackers accessed some form of personal data for over 37 million people during these attacks. This led to lawsuits claiming MGM did not do enough to protect sensitive information.

The first breach happened in mid-2019 when hackers got into guest records without permission and took home addresses and passport information. A second attack, which caused much more trouble, hit in September 2023. It shut down MGM’s Las Vegas casino operations for more than a week. The company thought this attack alone might cost them close to $100 million in recovery expenses and lost business.

The settlement agreement sets compensation based on the type of information leaked. People whose driver’s license or passport numbers have been compromised can receive a smaller cash payment. Those whose Social Security or military ID numbers were revealed can receive more money. Victims who can prove financial losses from fraud or identity theft may get up to $15,000 back.

Victims Offered Cash and Free Identity Protection After MGM Breach

People can choose how to get their money, including bank transfers or popular digital payment apps. Besides direct payments, eligible individuals can also sign up for free identity protection services. These services help keep an eye on financial activity and lower the chances of someone misusing their data in the future.

MGM says it settled without admitting fault, stressing that the deal lets both parties move on. Lawyers for the plaintiffs say the agreement helps affected customers and shows why better cybersecurity matters in industries with lots of consumer data.

Hotels and casinos often attract hackers because they hold so much personal and financial information. The MGM breach follows similar events at other big companies, raising more worries about digital safety in the field.

As payments begin, the settlement ends this chapter for many customers whose data was exposed. It also reminds companies of the big risks they face when they do not protect data well enough.