At the same time, the major credit rating agency Moody's warned that the cyberattack could negatively affect MGM's credit rating, saying the attack highlighted "key risks" within the company.
The company's corporate email, restaurant reservation and hotel booking systems remain offline as a result of the attack, as do digital room keys. MGM on Wednesday filed a 8-K report with the Securities and Exchange Commission noting that on Tuesday the company issued a press release "regarding a cybersecurity issue involving the Company."
8-Ks as a rule are filed when publicly traded companies want to notify the SEC of an event that can have a material effect on the firm. An MGM spokesperson confirmed the company views the incident as material. The spokesperson declined to comment on the Moody's warning. MGM's share price has declined more than 6% since Monday, the day it first acknowledged the outages, compared to a modest gain in theThe FBI told CNBC on Monday it is monitoring the "ongoing" situation. The SEC's new cyber disclosure rules will not go into effect until the end of the year, so MGM is not yet obligated to provide more information to the SEC than they already have.
On social media, patrons have expressed frustration with the scope and duration of the outage, with some describing how hotel key cards aren't working. Others expressed concerns about the security of their personal data. In 2020, MGM acknowledged that it had lost the personal information ofMGM is communicating with the press through noncorporate, commercially available email addresses.