Hackers are selling personal information for 142 million hotel guests online for $2900. According to a ZDNet report, a site on the dark web is selling the personal information from 142,479,937 former guests of the MGM Hotels brand.
Earlier this year, ZDNet reported a 2019 hack whereby it noted that MGM Resorts had been hacked with a reportedly 10 million or so guests affected. However, according to the new ZDNet report the scale and scope of the hack was much wider and included the entire family of MGM hotels.
ZDNet shared an image of 142 million guests information for sale on what appears to be the Empire Dark Web site. The image included text noting that the hacker NightLion had in fact more personal information that the previously reported 10.6 million records and was selling them for around $2900.
There is some dispute, however, about what is actually included in the hack with the owner of the security firm involved in the hack suggesting it’s an attempt by the hackers to discredit his company:
“Vinny Troia, founder of Night Lion Security, told ZDNet in a phone call that his company never owned a copy of the full MGM database and that the hackers are merely trying to ruin his company’s reputation.”ZDNet Report
You can read the full ZDNet report here including comments from MGM Hotels themselves.