Pop star Justin Bieber, numerous other celebrities, officials, CEOs, including Twitter boss Jack Dorsey, and millions of tourists from all over the world are affected. They all have something in common: they slept in a MGM hotel. The hotel chain operates more than 30 hotels worldwide. With 5044 rooms, the MGM Grand Resort in Las Vegas is one of the largest hotels in the world.
Now, personal data from more than ten million guests has appeared in a hacker forum, as Zdnet.com reports. The tech website verified the published data this week with a security company and affected hotel guests.
The names of the guests, birthdays, email addresses, postal addresses and telephone numbers are published on the hacker forum. A spokesman for the hotel chain has confirmed the incident to Zdnet.com. The data is said to have been stolen in summer 2019. «We discovered unauthorized access to the server. Information from guests was stored there, »the spokesman told the website.
According to MGM, no credit card data and no passwords were stolen during the data drain. After the data had been lost in 2019, the affected guests were informed, the spokesman said. After the incident, the security of their own hotel network was strengthened.
The data now published are a treasure trove for hackers because they contain the information of numerous high-profile users. The experts from the security company warn that these users should now be particularly careful because their private telephone numbers and email addresses have been leaked.
It is not the first time that such an incident has occurred in a large hotel chain. The Marriott Group experienced the GAU in 2017. Hackers stole the data from around 500 million hotel guests from the international hotel chain. At that time, in addition to names, much more sensitive information such as passport numbers or credit card data was lost.