MGM Resorts

What Happened

In July 2019, MGM Resorts discovered a data breach of one of their cloud services. The breach included 10.6M guest records with 3.1M unique email addresses stemming back to 2017. The exposed data included email and physical addresses, names, phone numbers and dates of birth and was subsequently shared on a popular hacking forum in February 2020 where it was extensively redistributed. The data was provided to HIBP by Under The Breach.

Compromised Data

Dates of birth

Email addresses

Names

Phone numbers

Physical addresses

Recommended Actions

Monitor for Suspicious Activity

Watch for unusual login attempts, spam and phishing emails.

Use 1Password to generate and store strong, unique passwords for all your accounts.

Try 1Password

Breach Overview

Affected Accounts:

3.1 million
Breach Occurred:

July 2019
Added to HIBP:

20 Feb 2020

Recommended Actions

Change Your Password

If you haven't changed your MGM Resorts password since 2019, do so immediately.

Enable Two-Factor Authentication

Add an extra layer of security to your account.

Check Other Accounts

If you used the same password elsewhere, change those too.

Monitor for Suspicious Activity

Watch for unusual login attempts or messages from your account.

Use 1Password to generate and store strong, unique passwords for all your accounts.

Try 1Password

MGM Resorts

What Happened

Compromised Data

Recommended Actions

Monitor for Suspicious Activity

Breach Overview

3.1 million

July 2019

20 Feb 2020

Recommended Actions

Change Your Password

Enable Two-Factor Authentication

Check Other Accounts

Monitor for Suspicious Activity

Services

Information