Stolen MGM Resorts customer data dumped on Telegram for free

A wall of data on a large screen.
(Image credit: Pixabay)

A major (but seemingly old) database filled with personal information has been dumped in a Telegram group, for free, for anyone who would care to look.

Cybersecurity researchers from vpnMentor discovered the 8.7GB file dump earlier this week, finding it contained data on at least 30 million people. 

The data seems to have been picked up from MGM Resorts, a hotel and casino chain whose endpoints were compromised three years ago.

Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022end of this survey

Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey to get the bookazine, worth $10.99/£10.99.

Same targets, new tricks

If indeed this is the same database, as some media suggest, then it contains data on more than 140 million MGM Resorts users. The data includes full names, postal addresses, more than 24 million unique email addresses, more than 30 million unique phone numbers, and dates of birth. Luckily enough, no payment data appears to have been included, but users may still be at risk of identity theft.

So far, MGM Resorts are keeping quiet on the matter, but its 2019 data breach, which included personal data on high-profile individuals such as former Twitter CEO Jack Dorsey and pop star Justin Bieber, saw data being sold on the dark web for $3,000. 

Now, as the data is freely available for all, vpnMentor says it has become "much more accessible for even the least tech-savvy people." 

While it’s hard to determine why someone decided to simply dump such a database online with no previous warning, BleepingComputer has two possible explanations - either it’s old and worthless, or it was dumped as the result of the recent takedowns of RaidForums and Hydra, dark web forums where stolen data was frequently traded. 

Regardless of if someone believes the data is worthless, researchers are still urging everyone to stay frosty. "Bad actors could send phishing messages and scams to exposed users via SMS and email, using the victims' full names and home or business addresses to build trust,” they say. 

The elderly may be particularly targeted, as they’re usually easier to defraud, they added. Dates of birth found in the database can help with picking the targets more easily.

Via: The Register

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.