Police arrest teenager in connection with ransomware attack on MGM Resorts

A teenager may be responsible for a ransomware attack in Las Vegas last year. In England, it was confirmed that an unidentified 17-year-old from the town of Walsall was arrested on Thursday for allegedly shutting down the resort and casino on the Las Vegas Strip last year.

The teenager was arrested on suspicion of blackmail and breaching the UK’s Computer Misuse Act. He was released on bail, according to a statement from the police department.

Police officers tracked the teenage suspect as part of a joint investigation with Britain’s National Crime Agency and the FBI. The police department said it had seized evidence at the teenager’s address, including “a number of digital devices that are being forensically examined.”

The statement also said the teenager was part of a “global cyber online crime group,” but it did not specify which group it was. The ransomware group ALPHV/BlackCat announced it was responsible for the attack. The attack allegedly occurred on September 12, 2023, with a simple 10-minute phone call to a help desk agent using information obtained from LinkedIn. The group has also claimed responsibility for a similar ransomware attack on the cosmetics brand.

“To compromise MGM Resorts, the ALPHV ransomware group simply searched for an employee on LinkedIn and then called the help desk,” the organization wrote in a post on X.

The MGM Resorts system outage lasted and caused a massive outage across all casinos on the Las Vegas Strip. News later emerged that other casinos, such as Caesars, were also attacked by a different group, but decided to pay the hackers tens of millions of dollars to prevent the release of private company data.