MGM Resorts International CEO Bill Hornbuckle called the cyberattack that will cost the company $100 million in earnings “corporate terrorism at its finest.” However, the hack is behind the casino giant, which isn’t feeling any fallout from customers who are booking MGM properties in huge numbers.
Hornbuckle, who confirmed the company didn’t pay a ransom to the hackers, made his most detailed comments yet about the cyberattack that occurred more than three weeks ago during an interview with CNBC’s reporter Contessa Brewer as the Global Gaming Expo kicked off its second day on the Las Vegas Strip.
The good news is that MGM protected credit-card and banking information, Hornbuckle said.
“We don’t wish this on anybody,” Hornbuckle said. “For a couple of weeks for our company, it was devastating. We reacted quickly to protect the data. You saw us shutting down systems by our own design and what ended up happening is the criminals understood what was happening and shut them down for us. We found ourselves in an environment where for the next four or five days, with 36,000 hotel rooms and regional properties, we were completely in the dark. Telephones, hotel systems, casino systems, key systems, and I could go on and on weren’t functioning.”
Hornbuckle said the ordeal put the company to the test, especially given that many of the systems weren’t automated to begin with. He pointed out, for example, what needed to be done at the front desk to overcome computer issues.
“It was an interesting cultural moment for the company to come together. We saw it quickly and as of this past weekend, we’re now free from this thing. It’s behind us, with the assumption that the current threat is gone, but there’s always a threat. These threat actors and other threat actors continue to be (out there).”
Hornbuckle said it has made the company evaluate what it does with its processes to prevent a future attack, including investing in infrastructure.
“We need to get better and we will be better,” Hornbuckle said. “We’re proud of what we did. We didn’t pay ransom, not that it’s a defining moment in one of these things. The way they came at us and the velocity they came at us, we reacted quickly and protected data and we found ourselves a couple of weeks into this thing fully functioning with all of our commercial systems back. It’s probably going to cost us in the range of $100 million, which will covered by cyber insurance, thankfully. I can only imagine what next year’s bill will be.”
In response to a Brewer question, Hornbuckle said that because the hack happened so quickly, they were playing defense in a “whack-a-mole fashion.” They made the choice of not paying the ransom, because it would have taken as long for MGM itself to figure how to get out of it than the hackers telling them how. “It would take us this long to get out of it even if they gave us the encryption keys.”
Hornbuckle wasn’t discouraged about continued indications of a recession and he was excited about the Formula One race in November and Super Bowl in February.
“Even coming out of what we did, last week was our biggest booking week in a very long time, thinking about the next four months,” Hornbuckle said. “The great news is people are still showing up and the appetite for this environment has never been stronger.”
Returning to the cyber arena, Brewer made the point to Bill Carstanjen, the CEO of Churchill Downs Incorporated, that once hackers are successful, they’ll keep coming back to other companies in the same industry.
“The threat has never been greater than now,” Carstanjen said. “I think there’s something of the herd mentality and the focus on the industry. All of us in this space are following heightened processes and training and more intense focus on the broad category of cybersecurity. We’re all focused and concerned about it, because it’s happening across the industry now.”
