MREP
Company Details
Linkedin ID:
mgm-resorts-events
Website:
Employees number:
74
Number of followers:
1,383
NAICS:
71
Industry Type:
Homepage:
http://www.mgmresortsevents.com
IP Addresses:
0
Company ID:
MGM_1454224
Scan Status:
In-progress
MGM Resorts Event Productions Company CyberSecurity Posture
http://www.mgmresortsevents.com
Creating 100's of events annually requires a team of professionals dedicated to a singular vision-To be the International Leader in the event industry inspired by the imagination, creativity, and contribution of every employee. When you engage an events company, you’re seeking the power of two perspectives: the business acumen to accomplish objectives in a way that’s on time and on budget, and the bold imagination to create an experience unlike any other. MGM RESORTS Events is the internal department that services client events at all MGM Resorts International properties. MRE operates synergistically with property departments to fulfill the customer’s event requests. This team works with all property departments, executing efforts on the client’s behalf. This includes coordination of event logistics with Convention Services, Catering, Banquet Services, Security and Technical/AV Services. We offer an inspiring atmosphere; a vast inventory of props; linen and floral; large format signage printing; a full production woodshop and sewing facility; and the talent to design and produce internationally award-winning event productions. Our industry peers have recognized us with numerous international event production and design awards, including Event Solutions’ Event Company of the Year. We are active members of the International Special Events Society (ISES) and are featured speakers at many industry-wide conferences throughout the world.
MGM Resorts Event Productions A.I CyberSecurity Scoring
MREP Risk Score (AI oriented)Between 700 and 749
MREP
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
MREP Global Score (TPRM)XXXX
MREP
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
MREP Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
MGM Resorts Event Productions: South Korea police raid e-commerce giant Coupang over data leak
Cyber Attack
Rankiteo Explanation
Attack threatening the organization's existence
Description: **Critical Zero-Day Exploit in Progress: Microsoft Confirms Active Attacks on Exchange Servers** Microsoft has disclosed an actively exploited zero-day vulnerability in on-premises Exchange Server 2013, 2016, and 2019, tracked as **CVE-2024-21410** (CVSS score: 9.8). The flaw, a **privilege escalation vulnerability in the Exchange Server’s Outlook Web Access (OWA) component**, allows attackers to escalate privileges to **Domain Administrator** level after gaining initial access—typically through stolen credentials or phishing. The attacks were first detected in **early January 2024** by security researchers at **Trend Micro’s Zero Day Initiative (ZDI)**, who observed threat actors leveraging the exploit in targeted campaigns. Microsoft confirmed the vulnerability on **February 13, 2024**, warning that **unpatched systems are at high risk of compromise**. While no specific threat group has been attributed, the sophistication of the attacks suggests involvement by **state-sponsored or advanced persistent threat (APT) actors**. The exploit chain begins with **authenticated access** to an Exchange server, followed by manipulation of the **OWA backend** to execute arbitrary code with elevated privileges. Successful exploitation grants attackers **full control over the Active Directory domain**, enabling data theft, lateral movement, and deployment of ransomware or espionage tools. Microsoft has noted that **cloud-based Exchange Online customers are not affected**, as the vulnerability resides in the on-premises architecture. A **security update (KB5035606)** was released on **February 13, 2024**, as part of Microsoft’s Patch Tuesday cycle, addressing the flaw. Organizations running affected versions are urged to apply the fix immediately, as proof-of-concept (PoC) exploit code has already surfaced in underground forums. Additionally, Microsoft recommends **enabling Extended Protection for Authentication (EPA)** and **disabling OWA if not in use** as temporary mitigations. The incident underscores the **growing targeting of Exchange servers**, which remain a prime vector for cyberattacks due to their integration with enterprise authentication systems. Previous high-profile Exchange vulnerabilities, such as **ProxyLogon (2021)** and **ProxyShell (2021)**, led to widespread breaches, and this latest flaw follows a similar pattern of **rapid weaponization by threat actors**. Security teams are advised to monitor for unusual **OWA logins, privilege escalation attempts, and domain controller activity** as indicators of compromise.
MREP Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for MREP
Incidents vs Entertainment Providers Industry Average (This Year)
MGM Resorts Event Productions has 26.58% more incidents than the average of same-industry companies with at least one recorded incident.
Incidents vs All-Companies Average (This Year)
MGM Resorts Event Productions has 53.85% more incidents than the average of all companies with at least one recorded incident.
Incident Types MREP vs Entertainment Providers Industry Avg (This Year)
MGM Resorts Event Productions reported 1 incidents this year: 1 cyber attacks, 0 ransomware, 0 vulnerabilities, 0 data breaches, compared to industry peers with at least 1 incident.
Incident History — MREP (X = Date, Y = Severity)
MREP cyber incidents detection timeline including parent company and subsidiaries
MREP Company Subsidiaries
Creating 100's of events annually requires a team of professionals dedicated to a singular vision-To be the International Leader in the event industry inspired by the imagination, creativity, and contribution of every employee. When you engage an events company, you’re seeking the power of two perspectives: the business acumen to accomplish objectives in a way that’s on time and on budget, and the bold imagination to create an experience unlike any other. MGM RESORTS Events is the internal department that services client events at all MGM Resorts International properties. MRE operates synergistically with property departments to fulfill the customer’s event requests. This team works with all property departments, executing efforts on the client’s behalf. This includes coordination of event logistics with Convention Services, Catering, Banquet Services, Security and Technical/AV Services. We offer an inspiring atmosphere; a vast inventory of props; linen and floral; large format signage printing; a full production woodshop and sewing facility; and the talent to design and produce internationally award-winning event productions. Our industry peers have recognized us with numerous international event production and design awards, including Event Solutions’ Event Company of the Year. We are active members of the International Special Events Society (ISES) and are featured speakers at many industry-wide conferences throughout the world.
Loading...
MREP Similar Companies
The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise that includes three core business segments: Disney Entertainment, ESPN, and Disney Experiences. Our mission is to entertain, inform and inspire pe
SAG-AFTRA
With national offices in Los Angeles and New York, and local offices nationwide, SAG-AFTRA is the iconic American labor union that represents approximately 160,000 media professionals. Our members are the talented faces and voices that entertain and inform America and the world. They are actors, a
TikTok
TikTok is a discovery tool made just for you. TikTok is a global platform for discovery, joy and endless possibilities — connecting and entertaining more than a billion people across more than 150 countries. TikTok's headquarters are in Los Angeles and Singapore, with additional offices in Austin
Netflix
Netflix is one of the world's leading entertainment services, with over 300 million paid memberships in over 190 countries enjoying TV series, films and games across a wide variety of genres and languages. Members can play, pause and resume watching as much as they want, anytime, anywhere, and can c
Paramount
Paramount is a leading media and entertainment company that creates premium content and experiences for audiences worldwide. Driven by iconic studios, networks and streaming services, Paramount's portfolio of consumer brands includes CBS, Showtime Networks, Paramount Pictures, Skydance Animation, Sk
Electronic Arts (EA)
Electronic Arts creates next-level entertainment experiences that inspire players and fans around the world. Here, everyone is part of the story. Part of a community that connects across the globe. A team where creativity thrives, new perspectives are invited, and ideas matter. Regardless of your ro
Sony’s purpose is simple. We aim to fill the world with emotion, through the power of creativity and technology. We want to be responsible for getting hearts racing, stirring ambition, and putting a smile on the faces of our customers. That challenge, combined with our spirit of innovation, motivate
Dave & Buster's Inc.
Welcome to Dave & Buster's, the ONLY place to Eat, Drink, Play & Watch Sports®, all under one roof! Here, you can immerse yourself in a world of excitement, from our Million Dollar Midway, packed with the hottest arcade games, to our mouth-watering, chef-crafted creations served in our American rest
Recognized three years in a row by Great Place to Work® and named one of People Magazine’s Top 50 Companies that Care, Live Nation Entertainment is the global leader in live events and ticketing. With business operations and corporate functions across major divisions including Ticketmaster, Concerts
.png)
MREP CyberSecurity News
September 22, 2025 07:00 AM
Teen Hacker Linked to MGM, Caesars Security Breach Turns Himself In
A teenage male has been arrested for his alleged involvement in the high-profile 2023 cyberattacks on MGM Resorts and Caesars Entertainment.
November 22, 2024 08:00 AM
Five defendants charged in connection with 2023 MGM, Caesars cyberattacks
Five people are facing federal charges in connection with a notorious hacker group believed to be behind a string of high-profile cyber attacks.
August 08, 2024 07:00 AM
Citing ‘Hacking Convention,’ Las Vegas Casino Searches Rooms
Resorts World is conducting daily “scheduled, brief visual and non-intrusive” inspections in response to a “well-known hacking convention” in town.
April 05, 2024 07:00 AM
Omni Hotels & Resorts hit by cyberattack
The hotel chain has been responding to the attack since Friday, March 29, when it shut down some of its systems.
April 03, 2024 07:00 AM
New Report Offers Insight On MGM Casino Hackers
A recent report by the Wall Street Journal is offering an inside look on the events surrounding the cyber security breaches in September...
February 23, 2024 08:00 AM
MGM Resorts says regulators probing September cyberattack
MGM Resorts International disclosed that state and federal regulators were probing a cyberattack on its systems that took place in September...
November 29, 2023 08:00 AM
MGM CFO expects insurance to cover cyberattack costs
The Las Vegas-based casino and resort operator has pegged the costs of the September cyberattack that temporarily crippled operations at about $100 million.
November 14, 2023 08:00 AM
Insight: FBI struggled to disrupt dangerous casino hacking gang, cyber responders say
The U.S. Federal Bureau of Investigation (FBI) has struggled to stop a hyper-aggressive cybercrime gang that's been tormenting corporate...
November 09, 2023 08:00 AM
MGM Resorts’ Vegas properties take revenue hit in wake of cybersecurity attack
A social engineering attack on MGM in September impacted the company's third-quarter earnings, but its CEO expects upcoming events in Las...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
MREP CyberSecurity History Information
Official Website of MGM Resorts Event Productions
The official website of MGM Resorts Event Productions is http://www.mgmresortsevents.com.
MGM Resorts Event Productions’s AI-Generated Cybersecurity Score
According to Rankiteo, MGM Resorts Event Productions’s AI-generated cybersecurity score is 735, reflecting their Moderate security posture.
How many security badges does MGM Resorts Event Productions’ have ?
According to Rankiteo, MGM Resorts Event Productions currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does MGM Resorts Event Productions have SOC 2 Type 1 certification ?
According to Rankiteo, MGM Resorts Event Productions is not certified under SOC 2 Type 1.
Does MGM Resorts Event Productions have SOC 2 Type 2 certification ?
According to Rankiteo, MGM Resorts Event Productions does not hold a SOC 2 Type 2 certification.
Does MGM Resorts Event Productions comply with GDPR ?
According to Rankiteo, MGM Resorts Event Productions is not listed as GDPR compliant.
Does MGM Resorts Event Productions have PCI DSS certification ?
According to Rankiteo, MGM Resorts Event Productions does not currently maintain PCI DSS compliance.
Does MGM Resorts Event Productions comply with HIPAA ?
According to Rankiteo, MGM Resorts Event Productions is not compliant with HIPAA regulations.
Does MGM Resorts Event Productions have ISO 27001 certification ?
According to Rankiteo,MGM Resorts Event Productions is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of MGM Resorts Event Productions
MGM Resorts Event Productions operates primarily in the Entertainment Providers industry.
Number of Employees at MGM Resorts Event Productions
MGM Resorts Event Productions employs approximately 74 people worldwide.
Subsidiaries Owned by MGM Resorts Event Productions
MGM Resorts Event Productions presently has no subsidiaries across any sectors.
MGM Resorts Event Productions’s LinkedIn Followers
MGM Resorts Event Productions’s official LinkedIn profile has approximately 1,383 followers.
NAICS Classification of MGM Resorts Event Productions
MGM Resorts Event Productions is classified under the NAICS code 71, which corresponds to Arts, Entertainment, and Recreation.
MGM Resorts Event Productions’s Presence on Crunchbase
No, MGM Resorts Event Productions does not have a profile on Crunchbase.
MGM Resorts Event Productions’s Presence on LinkedIn
Yes, MGM Resorts Event Productions maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/mgm-resorts-events.
Cybersecurity Incidents Involving MGM Resorts Event Productions
As of December 10, 2025, Rankiteo reports that MGM Resorts Event Productions has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
MGM Resorts Event Productions has an estimated 7,276 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at MGM Resorts Event Productions ?
Incident Types: The types of cybersecurity incidents that have occurred include Cyber Attack.
Incident Details
Can you provide details on each incident ?
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Cyber Attack.
Additional Questions
.png)
Latest Global CVEs (Not Company-Specific)
Description
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Versions 3.5.4 and below contain a Stored Cross-Site Scripting (XSS) vulnerability in the /WeGIA/html/geral/configurar_senhas.php endpoint. The application does not sanitize user-controlled data before rendering it inside the employee selection dropdown. The application retrieves employee names from the database and injects them directly into HTML <option> elements without proper escaping. This issue is fixed in version 3.5.5.
Risk Information
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Description
ZITADEL is an open-source identity infrastructure tool. Versions 4.0.0-rc.1 through 4.7.0 are vulnerable to DOM-Based XSS through the Zitadel V2 logout endpoint. The /logout endpoint insecurely routes to a value that is supplied in the post_logout_redirect GET parameter. As a result, unauthenticated remote attacker can execute malicious JS code on Zitadel users’ browsers. To carry out an attack, multiple user sessions need to be active in the same browser, however, account takeover is mitigated when using Multi-Factor Authentication (MFA) or Passwordless authentication. This issue is fixed in version 4.7.1.
Risk Information
cvss3
Base: 8.0
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N
Description
ZITADEL is an open-source identity infrastructure tool. Versions 4.7.0 and below are vulnerable to an unauthenticated, full-read SSRF vulnerability. The ZITADEL Login UI (V2) treats the x-zitadel-forward-host header as a trusted fallback for all deployments, including self-hosted instances. This allows an unauthenticated attacker to force the server to make HTTP requests to arbitrary domains, such as internal addresses, and read the responses, enabling data exfiltration and bypassing network-segmentation controls. This issue is fixed in version 4.7.1.
Risk Information
cvss3
Base: 9.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
Description
NiceGUI is a Python-based UI framework. Versions 3.3.1 and below are vulnerable to directory traversal through the App.add_media_files() function, which allows a remote attacker to read arbitrary files on the server filesystem. This issue is fixed in version 3.4.0.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Description
FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions are vulnerable to authentication bypass when the authentication type is set to "webserver." When providing an Authorization header with an arbitrary value, a session is associated with the target user regardless of valid credentials. This issue is fixed in versions 16.0.44 and 17.0.23.
Risk Information
cvss4
Base: 9.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/FreePBX/framework/commit/04224253156543cd9932b90458660b2f19fc0e35#diff-72f14a52840a61504a8e03cd195035b44e488aecd634b001bc6412a04bdc940bR20-R50
- https://github.com/FreePBX/security-reporting/security/advisories/GHSA-9jvh-mv6x-w698
- https://www.freepbx.org/watch-what-we-do-with-security-fixes-%f0%9f%91%80
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=mgm-resorts-events' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
