MGM Resorts Data Breach Exposes Personal Information Of 10.6 Million Guests

Another example of a major data breach, MGM Resorts has confirmed there was unauthorised access to one of the company’s cloud servers in 2019 that contained information on a reported 10.6 million guests, possibly including several high-profile guests.

“This highlights the increasing importance of ensuring that cloud infrastructures are configured in a secure way, and that organisations remain responsible for the security of their data even when migrating to the cloud” – Hylton Stewart, Head of Cyber Security, Conosco

While this breach was discovered around the middle of last year, it seems that affected clients were notified in a timely manner, which is vitally important both to meet legal requirements and assist in limiting reputational damage. The volume of personally identifiable data involved in the breach still represents a huge risk for the individuals involved.

We work with our clients to ensure that all their cloud infrastructures are configured in accordance with recommended best practices and guidelines such as the NCSC Cloud Security Guidance.
Some proactive measures organisations can take to protecting their data in the cloud are:

  • Establishing cloud security responsibilities between cloud users and solutions provider
  • Encryption of data stored in the cloud
  • Managing a clearance led user access controls
  • Cloud data deletion & retention policies
  • Penetration testing of cloud infrastructure
  • Scanning and monitoring cloud environment for threats
  • Employee training on cloud security best practices

In our video, Cyber Security expert, Hylton outlines best practices and recommendations which can be used to provide security against data breaches.

Meet Conosco’s Security Division:

  • Leads Conosco’s Security Team
  • Cyber Security Champion
  • Highly accredited & certified across industry standards
  • 15 + yrs experience implementing Security for organisations
  • Email: securitydivision@conosco.com
  • LinkedIn: @HyltonStewart
  • Find out more about our Security services here.

Request for a complimentary Security Discovery Session with Hylton:

We offer four free Information Security Discoveries per month where we conduct a short workshop with your key stakeholders and provide you with a high-level assessment, giving you our recommendations for reducing risk within your business.

If you would be interested in receiving our free Information Security Discovery audit and report, register your interest using this form.

Ninja Form plugin removed, please replace with HubSpot form