In a lengthy statement on its dark web leak site on September 14, 2023, BlackCat disputed that it had previously claimed the attack, while asserting that it had now in fact deployed ransomware on MGM’s systems following unsuccessful negotiations with the company. It was also reported that the company was initially compromised by a relatively straightforward social engineering attack known as vishing (voice phishing). The cyberattack was quickly linked to the ransomware group BlackCat, also known as ALPHV (scroll down to find out more about them). The systems impacted by the incident were reported to be the company’s website, reservation systems, and hotel electronic key cards. The attack against MGM Resorts was first reported on Septemwhen the company tweeted a statement about a “cybersecurity issue affecting some of the Company’s systems”.
