According to a research study by Integrity360, data theft has surpassed ransomware as the top concern for IT professionals, with 55% ranking it as their primary worry. Phishing attacks came in second at 35%.
And it turns out the attack I discussed on MGM last week was intended to be more than ransomware. Hackers known as “Scattered Spider” allegedly breached the security at MGM’s casinos, initially planning to manipulate slot machines but resorting to data theft and ransom demands when their plan failed. But… The group posted a message on Thursday night claiming responsibility for the attack but denying that anyone tried to tamper with slot machines. It also criticized what it said was inaccurate reporting on the hack and said it hadn’t officially spoken to anyone about the hack and “most likely” wouldn’t in the future. The message said that data was stolen from MGM, which has thus far refused to engage with the hackers or pay any ransom.
Caesars Entertainment has confirmed that it was hacked last month following a similar attack on MGM casinos. The attack on Caesars involved a social engineering attack on an IT support vendor also from Scattered Spider, resulting in the theft of the company’s loyalty program database. The hackers reportedly obtained many members’ driver’s licenses and Social Security numbers. Caesars, however, paid the ransom.
And Okta may be involved in the MGM hack by exploiting a flaw in the Okta Agent. The attackers were able to sniff passwords and launch ransomware attacks. Okta confirms the social engineering component of the attack and warns of similar attempts on its systems.
Why do we care?
Let’s put our tin foil hats on and be skeptical of the claims of rigging the slots as more movie plot than real, but the point is that targeted data use is more valuable. And note the same group being targeted across an industry. High-profile hacks remain helpful for their educational value, and this one is proving to have lots of that value.
Attackers are no longer just content with holding data hostage; they’re more interested in harnessing its intrinsic value. Furthermore, the consistency in targeting a specific industry, in this case, the casino industry, indicates a more strategic approach by cybercriminals.

