SAN FRANCISCO, Sept 18 (Reuters) – Hackers who breached casino giants MGM Resorts International (MGM.N) and Caesars Entertainment (CZR.O) in recent weeks also broke into the systems of three other casino companies. manufacturing, retail and technology sectors. space, said a security executive familiar with the matter.
David Bradbury, chief security officer at identity management company Okta, said five of the company’s clients, including MGM and Caesars, had fallen victim to hacking groups known as ALPHV and Scattered Spider since August.
In an interview with Reuters, Bradbury did not name the other companies, but said Okta was cooperating with official investigations into the violations.
The attacks have put a spotlight on ransomware attacks – cyber intrusions that affect hundreds of businesses each year, from healthcare providers to telecommunications companies. MGM and Caesars lost market value last week as stock prices fell, and MGM has yet to recover from several disrupted operations at the hotels and gaming halls it owns, from Las Vegas to Macau.
San Francisco-based Okta, which says it has more than 17,000 customers worldwide, offers identity services such as multi-factor authentication used to help users securely access online apps and websites. Multiple violations it identified in its customers last month led the company to issue an alert, Bradbury said.
“We saw this happen in such a small period of time and thought we should come forward to the industry at large and explain what’s happening here,” he said.
At the time, Okta said its U.S. customers were reporting a consistent pattern of attacks in which hackers impersonated employees of a victim company and convinced its IT help desk to let them. will provide duplicate access.
“We have seen consistently over the last six to 12 months an increase in these types of attacks,” Bradbury said.
MGM has not commented on the statement or the hack, beyond saying last week that it was a “cybersecurity issue.” Caesars previously said it was investigating the violation.
The financially motivated hacker group ALPHV claimed responsibility for the MGM hack in a post on its website on Friday and warned MGM of further attacks if it did not reach a settlement. It is unclear how much ransom ALPHV has demanded.
Bradbury said the group had broken into MGM and gained access to its client Okta, allowing it to access more credentials in the identity management company’s system.
Scattered Spider appears to have worked with ALPHV on the latest attacks, Bradbury said, citing research by security analysts who have followed both groups. “Think of them more as business partners or affiliates,” she said.
Google’s Mandiant Intelligence last week called Scattered Spider, also known as UNC3944, one of the most disruptive hacking teams in the United States. Bradbury said Mandiant’s description of the group’s tactics aligned with what Okta had observed in recent attacks.
Reporting by Zeba Siddiqui in San Francisco; Editing by Michael Perry
Our standards: the Thomson Reuters Trust Principles.