Hi Guys,

I hope you are well.

MGM Resorts (2022 Update) – 24,842,001 breached accounts
In July 2019, MGM Resorts discovered a data breach of one of their cloud services. The breach included 10.6M guest records with 3.1M unique email addresses stemming back to 2017. In May 2022, a superset of the data totalling almost 25M unique email addresses across 142M rows was extensively shared on Telegram. On analysis, it’s highly likely the data stems from the same incident with 142M records having been discovered for sale on a dark web marketplace in mid-2020. The exposed data included email and physical addresses, names, phone numbers and dates of birth. 

If you have an account with MGM Resorts please do the following:

  • Change your password and make sure your new password is at least ten characters long and contains an upper case, lower case, number, and a symbol. You can even use a modified phrase or a line from a song if that helps you remember
  • Make sure you do not use the same password twice as this leaves you vulnerable to credential stuffing.
  • Find a good password manager tool to help you remember all of your passwords. Some of our users say that 1Password is a good tool.
  • Check out Incognito’s Email Hack Check tool. All you have to do is enter your email address and we will tell you instantly if it has been involved in one of the many data breaches that happen every day.

Please let me know if you need any help in relation to this.

All the best,
Max Roberts,
Incognito Privacy Care Team