Statement on MGM Resorts International: Setting the record straight
Statement on MGM Resorts International: Setting the record straight
Group: alphv
Discovered by ransomware.live: 2023-09-14
Estimated attack date: 2023-09-14
Description:
MGM Resorts International is an American global hospitality and entertainment company.
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 5
Compromised Users: 2324
Third Party Employee Credentials: 28
External Attack Surface: 103
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abuse comlaude.com
- mgmresorts.com-Registrant anonymised.email
- mgmresorts.com-Admin anonymised.email
- mgmresorts.com-Tech anonymised.email
MX Records
- mgmresorts-com.mail.protection.outlook.com.
TXT Records
- 8glQV7gcn-YUtm5zOwk56lPRkdtdsWQ
- v=spf1 include:_u.mgmresorts.com._spf.smart.ondmarc.com ~all
- UTI5DQ2MlFJxNjlMPtuJsV1Vle/EZ6gVxm6L05prPo1tw2iOXcPtIKhdT5xhKyYxdDaq0+YVnDJ+FwkwgG+1TA==
- onetrust-domain-verification=0d7d38c46bbe46628208aca040e598f4
- slack-domain-verification=JDBscJ2V2hGRRUpuBO3AoLHh6l0cN0g4aaLr1Bca
- google-site-verification=203xqitmtIANrgv-S8BOAW-dfhBgaVYcgO6ShRak7Bk
- _u7lgmq5ooestkbfj2zn73rttolyv8rd
- _lpch0j3y90dfbt3wlphq0h37xvm54ma
- miro-verification=7c3d69e215f2806e15f61cef46458fb4364324e4
- atlassian-domain-verification=9bdOJ8XtNLgMKA3Ta5FhAc6cApD7mvFjn8ThAN4bgJYf3KZELCXTddYZWgrEjBmi
- liveramp-site-verification=u07we5zG-t3EWq50Pc_ynXQZpaka195p5VA1Y3R44Hg
- onetrust-domain-verification=4a4595ecb88140c2b5e6ae9ce918fb2b
- google-site-verification=SxZvKyPO6y9OpvWElKm8wwBBZExduKvUOF1XkLqydHk
- IT82Caqocb2oj/j9m/ANLD2rgiEU0JI+OQqvdsv8yxETPOYCVlzxZnhDeh5NGZ9Nro+sRPsEmq/aCKDfVcigZA==
- google-site-verification=TO1EIoQBPkFSaKny8S1f1kWEODgK-jU2fbMYbd8mFpQ
- amazonses:cztKdw826BzaeK3vpxLP+qAGPtEghKg0WQshg85KAu4=
- 23fea3bb-fc95-4b78-a2da-9d158bd3c1db
- adobe-idp-site-verification=4f4c8632ccce919168cfb3c2ad1751fd4c127bb0893ecdeb5d6836bc92675b77
- jamf-site-verification=PAb1jNlKlImApD7vh7RV8w
- google-site-verification=_g3xwX3H9bWJiTwT32xGK1iBSXFSWaMZbyB_OBlYI3k
- apple-domain-verification=rj2BWgeahRHLlHi2
- atlassian-domain-verification=Uc+BL+NEjbJgkZuOvB30regMyzDgwvw+j4LpF6yii6ihlfUsd9e2/qrdP0+yfKPN
- postman-domain-verification=fc56461a2d8fd2e2d81cc53b91c39847639aa12da76b0a7506de8131b86dbe8a088659d14d6756c94a3da63ec5c4ecdf6a1519a7604ae5020db8d01eeed97031
- cisco-ci-domain-verification=df57e6c014402872a90f09e51a3ce0935f4e943721c1821a55588348c8a1991
- MS=ms98808721
- facebook-domain-verification=f7o18wzdusk0xi6m6rnz6ttecgt0rg
- adobe-sign-verification=3e4eac3a44084c45dcaf304fc3fb0b0d
Cloud / SaaS Services Detected
Adobe
Apple
Atlassian
Amazon SES/WorkMail
Microsoft 365
Slack
Miro
JamF
Cisco
OneTrust
Leak Screenshot:
