MGM Resorts International chief technology officer John Branden Newman says MGM reached out offering to assist Boyd Gaming Corp. following the disclosure of a recent cyberattack in a new SEC filing, according to the Las Vegas Review-Journal.
Key Takeaways
- Newman helped lead MGM through its 2023 cyberattack, telling regulators the company has since strengthened its defenses and continues to work with the FBI.
- The hearing also addressed the recent arrest of a 17-year-old suspect tied to the MGM breach.
Speaking Thursday during a Nevada Gaming Commission licensing hearing, Newman explained that MGM’s cybersecurity team offered to assist Boyd following news of the breach’s occurrence ultimately came to light.
“It’s obviously unfortunate that a lot of the players in the industry and various industries actually are still getting hit by these same types of attacks,” Newman said. “We did reach out and offer our support. I don’t have a lot of detailed information about it. The current chief information security officer was the one that was doing that coordination with Boyd during that time to offer ours.”
Newman, who leads a team of over 650 employees, was also reportedly found to be suitable as an officer by the Nevada Gaming Commission during his licensing hearing, as the NGC pressed him on MGM’s own 2023 breach.
He served as MGM’s chief information security officer when the company was subject to cyberattacks back in 2023, with previous experience including work with the United States Air Force and Department of Defense.
“It was obviously a very difficult time for us responding to that incident and rebuilding the environment,” Newman said of the 2023 incident. “We have put in numerous controls to reduce the risk of any further occurrence of this, and we keep our eye on all the threat intelligence across the industry, including keeping up with the various threat actors that are still hitting people in our industry. We’re still working with the FBI.”
Revelation comes following arrest
The hearing also touched on the recent surrender of a 17-year-old linked to the 2023 MGM hack. The suspect, who was 15 at the time, faces multiple charges according to reports from the Las Vegas Review-Journal and law enforcement.
“The teenager faces three counts of using stolen personal information, one count of extortion, one count of conspiracy to commit extortion, and one count of unlawful computer acts. The charges are linked to the activity of ‘Scattered Spider,’ a loosely organized hacking group that has also gone by names such as Octo Tempes, UNC3944, and 0ktapus,” a law enforcement release outlined.
Prosecutors have moved to try him as an adult.
Among the remarks from the hearing, Commission chairwoman Jennifer Togliatti noted the prevalence of younger individuals embedded within these cyberattack cases, explaining part of what made it difficult to keep up with the multitude of threats.
“In order to keep up with it, you have to go to all the proms and all the high schools and all the land,” Togliatti said. “It’s remarkable the age of the folks that are being charged with the acts alleged here. It’s nuts.”
Newman also added that these groups often recruited young hackers, ultimately leading to their involvement and subsequent arrests.
