MGM A.I CyberSecurity Scoring
MGM
Company Information
Website:http://www.mgm.com
Employees number:4,969
Number of followers:128,086
NAICS:71
Industry Type:Entertainment Providers
Homepage:mgm.com
MGM Risk Score (AI oriented)
Between 750 and 799
MGMEntertainment Providers
Updated:
14/03/2026
14/03/2026
766/1000
Fair
Baa
MGM Global Score (TPRM)
xxxx
MGMEntertainment Providers
Score locked

MGMFair
Current Score
766Baa (FAIR)
01000
1 incidents
0 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
767
JUNE 2026
767
MAY 2026
767
APRIL 2026
766
MARCH 2026
766
FEBRUARY 2026
766
JANUARY 2026
766
DECEMBER 2025
766
NOVEMBER 2025
765
OCTOBER 2025
765
SEPTEMBER 2025
765
AUGUST 2025
765
FEBRUARY 2024
779
Vulnerability
07 Feb 2024 • MGM
MOVEit, MGM Resorts and British Airways: Ransomware Hit $1 Billion in 2023
2023: A Record-Breaking Year for Ransomware as Attacks Surge Past $1 Billion in Extorted Payments
758
CRITICAL-21
MOVBRIMGM1770602315
2023: A Record-Breaking Year for Ransomware as Attacks Surge Past $1 Billion in Extorted Payments
2023 marked a dramatic resurgence in ransomware activity, with cybercriminals extorting over $1 billion in cryptocurrency payments the highest annual total on record. The year saw a sharp reversal from 2022’s temporary decline, driven by high-profile attacks on critical infrastructure, supply chain vulnerabilities, and the proliferation of Ransomware-as-a-Service (RaaS) models.
### Key Trends and Major Incidents
- Supply Chain Attacks Dominate: The MOVEit file transfer software breach, exploited by the Cl0p ransomware group, became one of the most damaging incidents of 2023. The zero-day vulnerability allowed attackers to compromise hundreds of organizations, including British Airways, the BBC, and U.S. government agencies, exposing millions of records. Cl0p’s shift to data exfiltration over encryption proved highly effective, generating over $100 million in ransom payments and accounting for nearly 45% of all ransomware revenue in June and July.
- Big Game Hunting Persists: Groups like ALPHV-BlackCat and Cl0p targeted large, deep-pocketed victims, demanding multimillion-dollar ransoms. While MGM Resorts refused to pay after an ALPHV-BlackCat attack, the incident still cost the company over $100 million in damages.
- RaaS Lowers the Barrier to Entry: The Phobos and ALPHV-BlackCat strains exemplified the RaaS model, enabling less skilled attackers to launch ransomware campaigns in exchange for a cut of profits. This model fueled a 538% increase in new ransomware variants in 2023, according to Recorded Future.
- Rebranding and Affiliate Fluidity: Ransomware groups frequently rebranded or shifted between strains to evade law enforcement and sanctions. Blockchain analysis revealed connections between Trickbot, Royal ransomware, and the 3AM strain, demonstrating how a small number of actors drive much of the ecosystem’s activity.
### Law Enforcement Strikes Back
Despite the surge in attacks, 2023 also saw significant law enforcement victories:
- FBI’s Hive Takedown: In a six-month infiltration, the FBI disrupted the Hive ransomware group, providing decryption keys to 1,300 victims and preventing an estimated $130 million in ransom payments. Statistical models suggest the operation may have averted over $210 million in total payments by disrupting Hive’s broader operations.
- International Collaboration: The BlackCat (ALPHV) disruption and other joint operations highlighted increased coordination between global agencies, cybersecurity firms, and blockchain analysts to track and dismantle ransomware networks.
### Financial Flows and Money Laundering
Ransomware proceeds were laundered through a mix of centralized exchanges, mixers, and emerging services like cross-chain bridges, instant exchangers, and gambling platforms. While exchanges remained the most common off-ramping method, sanctioned entities and high-concentration services (e.g., specific mixers) created vulnerabilities for law enforcement to exploit.
### The Broader Impact
The $1 billion figure reflects only direct ransom payments not the full economic toll, which includes productivity losses, recovery costs, and reputational damage. The MGM Resorts attack alone demonstrated how even non-payment incidents can inflict nine-figure financial harm.
2023 underscored the adaptability of ransomware actors, who continue to refine tactics, exploit zero-day vulnerabilities, and leverage RaaS to maximize profits. While law enforcement made strides in disruption, the escalating scale and sophistication of attacks signal an enduring and evolving threat.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for MGM ??
What was MGM's A.I Rankiteo Cyber Score in June 2026 ??
What was MGM's A.I Rankiteo Cyber Score in May 2026 ??
What was MGM's A.I Rankiteo Cyber Score in April 2026 ??
What was MGM's A.I Rankiteo Cyber Score in March 2026 ??
What was MGM's A.I Rankiteo Cyber Score in February 2026 ??
What was MGM's A.I Rankiteo Cyber Score in January 2026 ??
What was MGM's A.I Rankiteo Cyber Score in December 2025 ??
What was MGM's A.I Rankiteo Cyber Score in November 2025 ??
What was MGM's A.I Rankiteo Cyber Score in October 2025 ??
What was MGM's A.I Rankiteo Cyber Score in September 2025 ??
What was MGM's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on MGM's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with MGM ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view MGM's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?