What’s next for the hacker?
The teenager, whose name has not been released, is reportedly a juvenile, who turned themself in to the authorities.
The FBI’s Cyber Task Force, which works with LVMPD, identified the suspect, who voluntarily appeared before the Clark County Juvenile Detention Center on Sept. 17.
Despite their age, the suspect may be charged as an adult by the Clark County DA’s Office for his role in a “sophisticated cyber crime.”
The news comes about one month after Nevada was able to restore the majority of websites that had come under attack, including the Department of Motor Vehicles.
Those websites were attacked on Aug. 24, although they have not been linked to the crimes allegedly committed by Scattered Spider, which occurred from August to October 2023.
Details of the crimes
The teenager was part of a scheme in which one hacker posed as an MGM Grand employee and requested a password reset during a call with the company’s IT Department.
Once the request was granted, the hacker was given complete access to the company’s inner workings. They disabled slot machines and hotel key cards, blocked employee access, and disabled the company’s hotel reservation system, on top of gaining access to customers’ personal information.
All in all, the disruptions caused about $100 million in damages to MGM’s Vegas properties.
Caesars also lost access to its systems after the hackers gained access by fooling an outsourced IT support vendor.
Hackers obtained access to Caesars customers' information, including Social Security and driver’s license numbers. However, Caesars never lost control of hardware at its retail or online locations.
Neither MGM nor Caesars released a comment following the news that the teen had turned themself in.
