A British teenager was arrested in Walsall, England, this week, charged with involvement in the 2023 ransomware cyberattack against MGM Resorts International. That incident disrupted the Las Vegas-based casino operator’s business for 10 days and cost it $100 million.
The unnamed suspect, 17, was arrested at his home address in Walsall, in the West Midlands area of England. Officers from West Midlands Police conducted the raid, in partnership with investigating officers from the country’s National Crime Agency and the American Federal Bureau of Investigation.
During the raid, the teen’s digital devices were seized pending further investigation. He was released on bail after being charged with blackmail and violating the UK’s Computer Misuse Act of 1990.
“We know first-hand the damage these criminals can do and the importance of working with law enforcement to fight back,” said a statement from MGM Resorts sent to USA Today after the arrest.
“It’s not worth it. We are forever grateful to the FBI for their support and work with international law enforcement to bring these criminals to justice.”
The Hack
In September of last year, MGM Resorts suffered one of the biggest hacking attacks in the history of the gambling business. Staff were locked out of company systems for 10 days, as the operator refused to pay a $30 million ransom demand to the group known as Scattered Spider.
The disruption cost the company some $100 million in lost revenue, as services across its network of several dozen U.S. and global casinos went down. The fallout even resulted in an investigation from the Federal Trade Commission over the operator’s handling of data security issues as the incident unfolded.
A week after MGM got its systems back online, it was revealed that fellow Las Vegas-based operator Caesars Entertainment was also hacked by Scattered Spider a fortnight prior. But it paid up to the hackers to get its systems back online without disruption, and the incident initially went unreported in the media.
The Suspects
Over the past months, two other teenagers were suspected of being involved with Scattered Spider, the hacking group that perpetrated the MGM ransomware attack and various other high-stakes cybercrimes.
Tyler Buchanan of Dundee, Scotland, was arrested while attempting to board a flight in Palme, Spain, last month. As well as the MGM ransomware attack, Buchanan was wanted in connection with $27 million of cryptocurrency thefts. He allegedly perpetrated the schemes under the online alias TylerB.
Meanwhile, on May 29, another Scattered Spider member was arrested in Jacksonville, Florida. Noah Urban, 19, who acted online under the alias King Bob, was charged with various counts of wire fraud, aggravated identity theft, and conspiracy to commit fraud.
As well as his involvement with Scattered Spider, media reports suggest Urban has also been a notorious online music leaker. Sources said he connected with a group stealing and distributing unreleased works by Lil Uzi Vert and Ariana Grande, among others.
David is an online casino expert who specializes in online slots and boasts over 10 years experience writing about iGaming. He has written for a wide range of notable publications, including eSports Insider and WordPlay Magazine.
David graduated Derby University with a BA Degree in English Literature and Creative Writing.
