MGM Resorts Begins Compensation for Data Breach Victims

MGM Resorts Starts Payouts Following Massive Data Breach Settlement

MGM Resorts International has initiated payments to individuals affected by two significant cybersecurity breaches after finalizing a $45 million class-action settlement earlier this year. This settlement concludes a lengthy legal dispute involving the exposure of personal information from millions of guests.

Data Breaches in 2019 and 2023 Expose Information of Over 37 Million People

The settlement addresses security lapses that occurred during two cyberattacks in 2019 and 2023. Court records reveal that hackers accessed personal details of more than 37 million people in these incidents. As a result, lawsuits alleged that MGM failed to adequately protect customer data.

The initial breach took place in mid-2019, when unauthorized access to guest records compromised home addresses and passport numbers. A more severe attack followed in September 2023, which disrupted MGM’s Las Vegas casino operations for over a week. This incident alone was estimated to have cost the company nearly $100 million in recovery and lost revenue.

Under the settlement terms, compensation varies by the sensitivity of the leaked information. Individuals whose driver’s license or passport numbers were exposed are eligible for smaller payments, while those with Social Security or military ID numbers compromised receive higher amounts. Victims who can demonstrate actual financial losses due to fraud or identity theft may be entitled to up to $15,000 in reimbursement.

Victims Receive Monetary Compensation and Free Identity Protection Services

Recipients can choose how to receive their payments, including options like bank transfers or popular digital wallets. In addition to monetary awards, eligible individuals are offered free identity protection services designed to monitor their financial activity and help prevent future misuse of their personal information.

The company states that the settlement was reached without any admission of liability and emphasizes that it allows all parties to move past the issue. Plaintiff attorneys highlight that the agreement offers relief to those affected and underscores the importance of improved cybersecurity in sectors handling large volumes of consumer data.

Hotels and casinos are frequent targets of cyberattacks due to the extensive personal and financial details they manage. The MGM breach joins a series of similar incidents at major firms, raising ongoing concerns about data security in this industry.

With payments underway, this settlement closes a challenging chapter for many victims, while also serving as a warning for companies to strengthen data protection measures to mitigate the significant risks of cyber threats.