British national apprehended at Palma airport

Alleged mastermind behind MGM cyberattack arrested in Spain in joint operation

Reading time 1:35 min

The alleged mastermind behind last autumn's MGM Resorts hacking was arrested in Spain on June 14 in a joint operation by Spanish authorities and the FBI.

The 22-year-old British national, reportedly the leader of the Scattered Spider ransomware group, was apprehended by Spain’s National Police at Palma airport while attempting to board a flight to Naples. This group is accused of orchestrating the September 2023 cyberattack on MGM Resorts, which led to widespread system outages and a $100 million EBITDA loss in Q3 for the company.

The arrest followed a request from the FBI’s Los Angeles Office, which suspected the individual was in Spain. The National Police’s Central Cybercrime Unit, along with agents from the Balearic Superior Headquarters, located the suspect, confirming his entry into Spain via Barcelona’s El Prat airport.

On June 14, the Spanish National Police arrested the suspect at Palma airport. Authorities seized a laptop and a mobile phone from the individual. A Spanish judge has since ordered the suspect to be held in provisional detention.

The FBI had intensified efforts to crack down on the Scattered Spider group following the MGM cyberattack, resulting in the issuance of an international arrest warrant by the California Central District Court.

In September 2023, Scattered Spider allegedly breached MGM Resorts’ systems and demanded a ransom. Following advice from US government entities, MGM chose not to pay. The attack caused significant disruptions, affecting everything from slot machines to digital key cards.

Scattered Spider is believed to have stolen 391 bitcoins, valued at over $27 million, through various cyberattacks. The group’s methods reportedly included phishing techniques to access credentials and steal sensitive information or cryptocurrencies.

MGM continues to deal with the fallout from the cyberattack, facing an ongoing FTC investigation into its data security practices. The company is contesting the probe in court, with the FTC counter-suing to enforce compliance. Additionally, MGM is facing multiple class action lawsuits related to the stolen personal information.

MGM is not the only US casino targeted by hackers in recent months. Caesars Entertainment also experienced a cyber breach and reportedly chose to pay the ransom.

Most recently, Nevada casino operator Olympia Gaming announced it had fallen victim to a hacking incident. Hackers used phishing techniques to obtain customer information, including credit card numbers and addresses. Olympia Gaming CEO Michael Stone expressed regret over the breach, emphasizing efforts to protect customer data and rectify the situation.

Leave your comment
Subscribe to our newsletter
Enter your email to receive the latest news
By entering your email address, you agree to Yogonet's Condiciones de uso and Privacy Policies. You understand Yogonet may use your address to send updates and marketing emails. Use the Unsubscribe link in those emails to opt out at any time.