British teenager apprehended in relation to MGM Resorts ransomware breach

AndyC 24 July 2024

A 17-year-old British youth has been captured by authorities on suspicions of involvement with a cybercrime syndicate that executed damaging ransomware assaults last year on MGM Resorts and other corporations.

British teen arrested in connection with MGM Resorts ransomware attack

A 17-year-old British youth has been captured by authorities on suspicions of involvement with a cybercrime syndicate that executed damaging ransomware assaults last year on MGM Resorts and other corporations.

In the previous September, the well-known hotel and casino group MGM Resorts encountered a cybersecurity breach that led to long queues for hotel check-ins, residents facing room entry challenges, disruption of ATM services, and the shutdown of websites, TV broadcasts, and telephone networks.

During that time, MGM Resorts acknowledged that all its establishments in Las Vegas, including Aria, Bellagio, Luxor, MGM Grand, and Mandalay Bay, were affected.

Social media users recounted their experiences within a paralyzed casino, courtesy of the hackers.

It wasn’t until 10 days later that MGM Resorts declared a return to “regular operations,” eventually admitting that hackers had infiltrated guest data, including names, contact details, gender, birthdates, driver’s license numbers, passport information, and even Social Security numbers.

Subsequent investigations revealed that the hackers had deceived MGM’s IT support staff by masquerading as an employee locked out of their account over the phone, thereby obtaining login credentials to execute the ransomware assault.

The total financial impact on MGM Resorts has been estimated at more than US $100 million, as indicated.

Recently, the 17-year-old individual nabbed in Walsall, England, was detained in a collaborative operation involving West Midlands Police and the FBI for suspected involvement with the “Scattered Spider” hacker entity. Initially, the youth was taken into custody on suspicion of extortion and violations related to the Computer Misuse Act, according to a communication from the Regional Organised Crime Unit for the West Midlands (ROCUWM).

According to Detective Inspector Hinesh Mehta, Manager of the Cyber Crime Unit at ROCUWM, “This detention follows a convoluted investigation that stretches across international borders, including the U.S. We’ve collaborated closely with the National Crime Agency and the FBI.” He added, “These hacker groups have targeted prominent entities with ransomware, successfully extorting vast sums of money from multiple victims worldwide. We are resolute in our commitment to track down these offenders. The risk is simply not worth it.”

MGM Resorts has extended its gratitude to law enforcement for their efforts in identifying and apprehending alleged perpetrators of the assault, emphasizing their firm stance against ransom payments.

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

Tags: , , , , , , , , , , , , , , , , ,

More Stories

U.S. CISA adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog

AndyC 19 December 2025
GhostPairing campaign abuses WhatsApp device linking to hijack accounts

GhostPairing campaign abuses WhatsApp device linking to hijack accounts

AndyC 19 December 2025
Smashing Security podcast #448: The Kindle that got pwned

Smashing Security podcast #448: The Kindle that got pwned

AndyC 18 December 2025
SonicWall warns of actively exploited flaw in SMA 100 AMC

SonicWall warns of actively exploited flaw in SMA 100 AMC

AndyC 18 December 2025
Securing the Road Ahead: The Intersection of Cybersecurity and Intelligent Transportation

Securing the Road Ahead: The Intersection of Cybersecurity and Intelligent Transportation

AndyC 18 December 2025
Memory efficiency: Apple’s new competitive advantage

GNV ferry fantastic under cyberattack probe amid remote hijack fears

AndyC 18 December 2025

You may have missed

What the Latest OpenAI Security Breach Reveals About the State of AI Protection 

The Power of Large Language Models for Cybersecurity 

AndyC 19 December 2025
The .5B Coursera-Udemy merger is being driven by AI speed

Self-Harm Prevention Kit Guide for Schools: Identifying Risks and Protecting Students

AndyC 19 December 2025
Blog-5-300x200-1.jpg

How To Spot Health Insurance Scams This Open Enrollment Season

AndyC 19 December 2025
U.S. CISA adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog

AndyC 19 December 2025
GhostPairing campaign abuses WhatsApp device linking to hijack accounts

GhostPairing campaign abuses WhatsApp device linking to hijack accounts

AndyC 19 December 2025

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.