FTC Drops Case Against MGM Resorts Over 2023 Ransomware Attack Handling

Summary:

The Federal Trade Commission (FTC) has dropped its case against MGM Resorts regarding their handling of personal data stolen in the 2023 ransomware attack. The FTC had initially sued MGM in 2024, but the case was dismissed following a shift in the administration. MGM already settled lawsuits from both the 2019 and 2023 breaches, paying $45 million and incurring $100 million in losses, with 37 million customers' data compromised.

Comments:

The FTC's decision highlights the challenges in holding companies accountable for cybersecurity practices, especially in a changing political environment. MGM's hefty financial settlements suggest a high cost for inadequate data protection, but the dropped case raises questions about the enforcement of data privacy regulations.

Suggested Guidelines:

1. Strengthen Data Protection: Prioritize robust cybersecurity measures to safeguard sensitive customer data and prevent breaches.
2. Clear Accountability: Ensure clear, consistent regulations on how companies must handle data protection and breach responses.
3. Rapid Incident Response: Develop a comprehensive, timely incident response plan to mitigate damage in case of a breach.
4. Transparency: Maintain transparency with customers about how their data is handled and the steps taken post-breach.

Tags:

#MGMResorts #Ransomware #FTC #DataBreach #Cybersecurity #DataPrivacy #CyberAttack #Regulations

Trump administration ends FTC’s ransomware data breach case against MGM Resorts

The Federal Trade Commission (FTC) shuttered its case against MGM Resorts International centered on the company’s handling of personal data stolen during a 2023 ransomware attack.

Cyber Security News | The RecordJonathan Greig