Sign up for our daily briefing
Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.
Catch up on coronavirus stories and special reports, curated by Mike Allen everyday
Catch up on coronavirus stories and special reports, curated by Mike Allen everyday
Denver news in your inbox
Catch up on the most important stories affecting your hometown with Axios Denver
Des Moines news in your inbox
Catch up on the most important stories affecting your hometown with Axios Des Moines
Minneapolis-St. Paul news in your inbox
Catch up on the most important stories affecting your hometown with Axios Twin Cities
Tampa Bay news in your inbox
Catch up on the most important stories affecting your hometown with Axios Tampa Bay
Charlotte news in your inbox
Catch up on the most important stories affecting your hometown with Axios Charlotte
The MGM Grand hotel in Las Vegas. Photo: Smith Collection/Gado/Getty Images
An MGM Resorts security breach last summer resulted in the personal details of 10.6 million guests published on a hacking forum this week, ZDNet first reported Wednesday.
Why it matters: Federal government employees and high-profile guests were affected by the breach, according to analysis by data breach monitoring service Under the Breach and ZDNet — including officials from the FBI, Department of Homeland Security and the Transportation Security Administration, Twitter CEO Jack Dorsey, Microsoft staffers and singer Justin Bieber.
- Analysis of the data contained email addresses and phone numbers, along with full names, birthdates and addresses, per ZDNet.
- "Hotel chains and travel companies have been a major target for Chinese espionage, in particular, because of the vast troves of data they store on American executives and government officials with security clearances," notes the New York Times, which pointed to the Marriott hotels breach of 2018.
What they're saying: MGM confirmed in a statement that it discovered "unauthorized access to a cloud server that contained a limited amount of information for certain previous guests of MGM Resorts." "We are confident that no financial, payment card or password data was involved in this matter," the statement said.
- An MGM spokesman wouldn't go into specifics on affected guests, but he told Axios via email the "vast majority" of what was posted was information that can be found in the phonebook or via online search and that among the data were "many duplicates."
Go deeper: Cost of the average U.S. data breach tops $8 million