MGM Resorts has agreed to a $45 million settlement to resolve multiple class action lawsuits following two major data breaches that exposed the personal information of millions of customers, reports TechCrunch.
The settlement, which was reached on Jan. 21, is pending approval by a Las Vegas federal court with a ruling expected on June 18. The breaches altogether compromised the data of more than 37 million customers.
According to the settlement, the 2019 incident involved the theft of customer names, addresses, and phone numbers, with some of the stolen data later surfacing on a cybercrime forum. The 2023 ransomware attack had a more severe impact, causing significant operational disruptions at MGM’s Las Vegas properties for several weeks and leading to over $100 million in losses. Hackers also obtained sensitive data, including Social Security and passport numbers.
