Resources and Guides
MGM Resorts (2023): Help Desk Social Engineering → Major Disruption
- What happened: A cyberattack disrupted MGM’s operations (booking systems and other property technology), causing real-world downtime at its properties.
- Why it matters (human-layer failure): The groups tied to these incidents are known for help desk and identity impersonation tactics. If the “prove you are who you say you are” step at the service desk is weak, attackers walk in through the front desk: a password or MFA reset granted to an impersonator yields valid credentials, so nothing downstream looks like an exploit.
- Overall impact: MGM disclosed an estimated ~$100M negative impact to Adjusted Property EBITDAR for September 2023, plus less than $10M in one-time costs.
Caesars Entertainment (2023): Social Engineering a Support Vendor → Data Breach (+ Reported Ransom)
- What happened: Caesars disclosed suspicious activity resulting from a social engineering attack on an outsourced IT support vendor.
- Why it matters: Third parties and service desks are prime targets; once an attacker can talk their way past a vendor’s process, they inherit that vendor’s access, and you inherit the risk.
- Overall impact: Caesars reported theft of loyalty-program member data (including sensitive identifiers such as driver’s license numbers and/or Social Security numbers, per reporting). A ransom payment of around $15M was reported in the press but was not confirmed by Caesars.
Target (2013): Vendor Phishing → Stolen Credentials → Massive Breach Costs
- What happened: Target stated that the intruder used stolen vendor credentials to access its systems and deploy malware. The U.S. Senate “Kill Chain” analysis and related reporting discuss the vendor pathway and the phishing that preceded it.
- Why it matters: Vendor access is a breach multiplier. If a smaller partner can be phished, the attacker gains a foothold that carries the big brand’s trust, and the big brand becomes the headline.
- Overall impact: Target disclosed $252M in cumulative breach-related expenses, offset by $90M in expected insurance recoveries, for $162M net as of January 31, 2015.