MGM Casino $100M CYBER ATTACK - What Your Business Can Learn From It

April 30, 2024

MGM Casino’s $100M Cyber Attack: What Your Business Can Learn About Cyber Liability Insurance

In September 2023, MGM Resorts International—one of the largest and most technologically advanced casino operators in the world—fell victim to a cyberattack that resulted in losses of over $100 million. If a business with this level of investment in IT security can be compromised, what does that mean for the average small to mid-sized business?


NBC News Article: MGM Cyberattack Cost $100M


Let’s break down what happened and what key takeaways your business can learn to protect against similar incidents.


What Happened to MGM?

The attackers didn’t rely on sophisticated malware or brute-force hacking. Instead, they used social engineering—specifically, a phone call to MGM's IT helpdesk. By impersonating an employee, they convinced support staff to bypass the Multi-Factor Authentication (MFA) system, giving them unauthorized access to MGM’s internal systems.


The simplicity of the breach is what makes it so alarming. Despite layers of advanced cybersecurity technology, human error was the weak link.


Why Cybersecurity Spending Alone Isn’t Enough

MGM spends tens of millions annually on its cybersecurity infrastructure. And yet, a single successful phishing-style call caused a massive operational shutdown across multiple casinos, delayed hotel check-ins, and took down slot machines and payment systems.


The reality is that 90% of cyber incidents involve human error—not technological failure.

This is a reminder that cybersecurity must include employee training, internal protocols, and risk transfer tools like insurance.


3 Key Lessons for Business Owners


1. Even the Best Systems Can Fail

No business is immune. You might have a firewall, antivirus software, and MFA in place—but human factors can still bypass all of them.


2. Cyber Liability Insurance Is a Critical Safety Net

When prevention fails, cyber insurance steps in to cover the fallout—business interruption losses, legal fees, forensic investigations, notification costs, and even ransom payments. Without insurance, a major breach could financially devastate your business.


3. Employee Awareness Is Your First Line of Defense

Train your team to spot phishing, avoid sharing sensitive data over the phone, and report suspicious activity immediately. A single uninformed action can have multimillion-dollar consequences.


Final Thoughts

The MGM cyberattack wasn’t just a blow to one of the world’s most recognizable brands—it was a wake-up call to every business that no amount of security spend can fully eliminate cyber risk.

If MGM can be hit, so can you. That’s why cyber liability insurance isn’t just optional—it’s essential to any serious business risk management plan.


Need help reviewing your cyber insurance coverage?


📞 We’re here to help. Contact us today to make sure your business is protected.

< Older Post

Newer Post >

Contact Us

What Is 3rd Party Cyber Liability Insurance Coverage?

What Is 3rd Party Cyber Liability Insurance Coverage?

May 1, 2024
Learn what third-party cyber liability insurance covers, how it protects your business from legal claims, and why it’s essential if you handle sensitive data or provide technology services.
What Is A Retention? (Cyber Liability Insurance 101)

What Is A Retention? (Cyber Liability Insurance 101)

April 29, 2024
Learn what a retention is in a cyber liability insurance policy, how it compares to a deductible, and why selecting the right retention amount is key to managing risk and controlling premium costs.
How Do Independent Insurance Agents Get Paid?

How Do Independent Insurance Agents Get Paid?

April 28, 2024
Wondering how independent insurance agents earn their income? Learn how commissions work, and why working with an independent agent can benefit you.
What Is First Party Coverage in Cyber Liability Insurance?

What Is First Party Coverage in Cyber Liability Insurance?

April 27, 2024
Learn what First Party Coverage in cyber liability insurance includes—data recovery, ransomware, business interruption, and breach response costs. Protect your business from direct cyber losses.
“We Aren’t A Target” - Biggest Misconceptions Of Cyber Insurance

“We Aren’t A Target” - 3 Biggest Misconceptions With Cyber Insurance

April 26, 2024
Think your business is too small for a cyber attack? Discover the top 3 misconceptions about cyber liability insurance and why every business—no matter the size—needs coverage.
Best Way to Renew Your Cyber Insurance Policy - 6 Strategies

What Is The Best Way To Renew Your Cyber Insurance Policy (6 Strategies)

April 23, 2024
Learn the 6 best strategies to renew your cyber insurance policy, including when to start, how to assess risk, and how to get better terms by showcasing cybersecurity readiness.
Top 10 Questions About Cyber Insurance - Answered

Top 10 Questions About Cyber Insurance - Answered

April 22, 2024
Get answers to the top 10 most common questions about cyber liability insurance, including what it covers, who needs it, how much it costs, and why it's essential in today’s digital world.
What Is Network Security Liability Coverage? Cyber Insurance 101

What Is Network Security Liability Coverage? (Cyber Insurance 101)

April 21, 2024
Learn what network security liability covers, how it protects your business from cyber threats, and why it’s a key part of your cyber liability insurance policy.
What Does Privacy Liability Cover? (Cyber Insurance 101)

What Does Privacy Liability Cover? (Cyber Liability Insurance 101)

April 19, 2024
Learn what privacy liability covers under a cyber liability insurance policy. Protect your business from data breach lawsuits, regulatory fines, and notification costs.
What Is an Aggregate Limit in Cyber Liability Insurance?

What Is an Aggregate Limit in Cyber Liability Insurance?

April 17, 2024
Learn what an aggregate limit is in cyber liability insurance, why it matters, and how to choose the right coverage for your business.
Show More