The hacking groups, known as ALPHV and Scattered Spider, targeted companies in the retail, manufacturing and technology space, as well as the two hospitality and enteratinment chains.
David Bradbury, chief security officer of cybersecurity company Okta, confirmed to Reuters that five of his company’s clients, which include Caesars and MGM, have been breached by the hackers since August.
ALPHV threatened MGM with more attacks if the company did not provide a ransom, in a written post on its website on Friday. It is not currently clear how much money ALPHV has requested from the casino giant.
Hackers used low-tech social engineering tactics to gain entry to the company’s information technology help desk.
Bradbury told the publication that ALPHV had gained access to its Okta information client during the breach, which gave it access to more credentials in the identity management system. This allowed the hackers to successfully impersonate users on the network.
How well do you really know your competitors?
Your download email will arrive shortly
Not ready to buy yet? Download a free sample
Scattered Spider was named one of the most disruptive hacking groups in the US by Google’s Mandiant Intelligence – the company’s cyber threat intelligence subsidiary. A description which Bradbury backs up.
Bradbury told the publication that the two hacking groups appear to have worked together.
“Think of them more as business associates or affiliates,” he told Reuters.
The news comes as cybersecurity remains the largest technological theme for volume of filings, according to GlobalData’s filings database.
From Q1 2022 to 2023YTD, cybersecurity has recieved 61,902 filings. This narrowly beats cloud, which places second in the global rankings with 57,978 filings.
Artificial intelligence, which has seen a major boom since last year, is third in the rankings with 48,757 filings made since Q1 2022.
Big Data is fifth in the list, with 28,840 filings made since the beginning of 2022.