Recently personal information of 10,683,188 people gathered in a data breach of MGM Resorts hotels turned up on Dark Web websites where criminals buy and sell stolen data. The data included full names, home addresses, phone numbers, email addresses and dates of birth of MGM Resorts customers. It did not include credit card information. MGM has resorts in the United States in Las Vegas, Atlantic City and Detroit as well as resorts outside of the United States in China and Japan. The data breach was discovered last summer by MGM, but relates to travelers who stayed at MGM hotels prior to 2018. Cybercriminals also use the information gathered in data breaches such as this to form the basis of scams that start with spear phishing emails which are emails specifically tailored with information about you and your interests. These spear phishing emails will attempt to lure you into either providing personal information that can be used to make you a victim of identity theft or to click on links containing harmful malware. Everyone should be skeptical of any email asking for personal information or prompting you to click on a link. Never provide such information or click on links until you have confirmed that the email is legitimate.
If you stayed at an MGM hotel prior to 2018 you should be particularly skeptical of any email that may ask you for personal information or to click on a link. Indeed everyone should refrain from ever providing personal information in response to an email unless you have absolutely confirmed that the email is legitimate. The same rule applies to clicking on links.
In addition, if you have stayed at an MGM hotel prior to 2018 and you have not frozen your credit reports, this would be a good time to do so.
To get the maximum protection from identity theft, it is important to freeze your credit at each of the three major credit reporting agencies. Here are links to each of them with instructions about how to get a credit freeze:
Once you have frozen your credit, be sure to keep the PIN and information on how to unfreeze your credit report in a safe place.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”