A teenager suspected of involvement in the 2023 cyberattacks on several Las Vegas casinos has turned himself in, according to the Las Vegas Metropolitan Police. His name has not been released because of his age, though prosecutors are seeking to charge him as an adult.
Key Takeaways
- A teenager has surrendered to police for his involvement in the 2023 cyberattacks on Las Vegas casinos
- Suspect faces multiple charges, including extortion and computer crimes
- Case linked to the Scattered Spider hacker group
Federal prosecutors indicted four men aged 20 to 23 in November 2024 in a separate case that cybersecurity analysts tied to the same string of attacks, which took place between August and October 2023 and targeted casinos owned by MGM Resorts International and Caesars Entertainment, among others.
The teenager faces three counts of using stolen personal information, one count of extortion, one count of conspiracy to commit extortion, and one count of unlawful computer acts. The charges are linked to the activity of ‘Scattered Spider,’ a loosely organized hacking group that has also gone by names such as Octo Tempes, UNC3944, and 0ktapus.
The FBI’s Las Vegas Cyber Task Force headed up the investigation. Another hacker, known online as AlphV, publicly claimed responsibility for the MGM attack but acknowledged Scattered Spider’s role. If convicted, the teenager could face significant prison time, depending on whether the case proceeds in adult court.
MGM reaches $45 million settlement over data breaches
The fallout from the cyberattacks for MGM led to a payout of $45 million to those affected by the two separate data breaches in July 2019 and September 2023.
In both incidents, personal data from guests and customers, including names, addresses, phone numbers, and emails, was accessed. For a smaller group, more sensitive information, such as driver’s license details, Social Security numbers, and military IDs, was exposed.
Under the settlement, affected individuals may file claims for reimbursement. Those with documented financial losses tied to the breaches can seek up to $15,000, and others may qualify for flat cash payments, depending on the type of personal data compromised.
MGM and BetMGM expand responsible gaming initiatives
At the same time, MGM Resorts has also broadened its responsible gaming programs. In partnership with BetMGM and the American Gaming Association, MGM Resorts is expanding its GameSense messaging across NFL stadiums in September for the third season in a row, as part of Responsible Gaming Education Month.
Messages encouraging safe gambling practices will appear on LED ribbons, scoreboards, and in gameday magazines at ten stadiums, including Allegiant Stadium in Las Vegas and MetLife Stadium in New Jersey. The initiative also includes expanded employee training and a $250,000 donation to the International Center for Responsible Gaming to support independent research.
MGM said over 1,900 employees have now been certified as GameSense advisors, offering on-site guidance at sportsbooks and rewards desks.
