Data breaches are still on the rise, while cybercriminals are continuously finding ways to profit off of stolen PII. Although the MGM breach occurred in 2019, here we are midway through 2020 and still learning of the impact it may have had on past hotel guests. The scope appears to be quite larger than originally suspected - with a nominal price tag on the dark web.

Although financial information, Social Security numbers, and actual reservation details were not exposed, MGM was able to confirm names, postal addresses, DOBs, email addresses and phone numbers were compromised.  Furthermore, security research firms have confirmed this data has been sold amongst private hacking circles since at least July 2019.  It appears that some Russian-speaking hacking forums are advertising the info for 200M+ guests....will the number at stake keep growing as we continue to dive deeper into this breach?