The Weekly breach Breakdown Podcast by ITRC - Identity Thieves Take a Gamble - S4E28

Show Transcript

Welcome to the Identity Theft Resource Center’s (ITRC) Weekly Breach Breakdown for October 6, 2023. Thanks to Sentilink for their support of the podcast and the ITRC. Each week, we look at the most recent events and trends related to data security and privacy. This week, we discuss how identity thieves use third parties to gain access to your information, as we saw with the recent Caesars Entertainment & MGM Resorts data breach.

From identity theft to cyber espionage, identity criminals always seek ways to steal personal information from third parties. This is why it’s crucial for everyone, including individuals, small businesses and large corporations, to stay vigilant and take measures to protect their data.

Caesars Entertainment & MGM Resorts Data Breach

In the case of MGM, according to Dark Reading, the cyberattack affected their internal systems and caused issues for guests who could not access their rooms and use ATMs and slot machines. The Caesars Entertainment & MGM Resorts data breach is a clear example of how cybersecurity threats can impact the company, its customers and its clients.

MGM was able to bring its systems back online after ten days. However, they were unable to determine how the criminals were able to infiltrate the company’s networks. It’s important to note that companies often take days or weeks to determine the full extent of a cyberattack on their networks.

Using Third-Party Systems to Steal Information

The fact that even the most well-known Las Vegas hotel brands like Bellagio, Mandalay Bay and Excalibur are not immune to cyberattacks is a warning sign for all businesses. Identity thieves are always looking for vulnerabilities in third-party systems to gain access to sensitive information. It’s not just about stealing money but also personal information, which can be used for identity theft and other malicious purposes.

How to Protect Yourself or Your Business

It’s essential for all businesses, big or small, to take cybersecurity seriously. They should have a robust cybersecurity plan in place that includes regular system updates, strong passwords, firewalls and antivirus software. They should also educate their employees about the importance of cybersecurity and how to stay safe online.

It’s not just businesses that need to take cybersecurity seriously; individuals must also take steps to protect themselves. What can you do to protect yourself from cyber threats? Here are some tips:

1. Use strong 12+-character passphrases. Weak passwords are easy to crack, which is one of the most common ways criminals gain access to systems. A unique 12+-character passphrase is easier to remember and harder for criminals to figure out.
2. Keep your software up-to-date. Software vulnerabilities can be exploited by identity thieves. It’s essential to keep all software up to date with the latest security patches.
3. Be cautious of suspicious emails. Phishing emails are a common tactic identity criminals use to trick people into giving away their personal information. If you receive an email you were not expecting, go back to the source to verify the validity of the message.
4. Use two-factor authentication. It adds an extra layer of security to your accounts, making it harder for identity thieves to gain access.

In conclusion, cybersecurity threats are a serious issue that affects everyone, from individuals to large corporations like MGM. It’s important to protect yourself and your data in case of incidents like the Caesars Entertainment & MGM Resorts data breach.

Contact the ITRC

If you want to know more about how to protect your business or personal information, think you have been the victim of an identity crime, or had your information stolen in a data incident like the Caesars Entertainment & MGM Resorts data breach, you can speak with an expert ITRC advisor on the phone, chat live on the web, or exchange emails during our normal business hours (Monday-Friday, 6 a.m.-5 p.m. PST). Just visit www.idtheftcenter.org to get started.

Thanks again to Sentilink for their support of the ITRC and this podcast. On October 11, we will release our Q3 2023 Data Breach Analysis. Some of the findings will be eye-opening. You will be able to download the report by visiting www.idtheftcenter.org/publications. We will return next week with another episode of the Weekly Breach Breakdown discussing the report.