X

Analyst: MGM losing $4.2M-$8.4M a day because of cyberattack

Guests walk through New York New York past a sign about MGM's "unforeseen difficulties&quo ...

MGM Resorts International could be losing between $4.2 million and $8.4 million in daily revenue and around $1 million in cash flow every day it’s under a cyberattack, a gaming industry analyst said in a Sunday report to investors.

David Katz, an equity analyst with New York-based Jefferies Group, in a weekly report on gaming, lodging and leisure companies, updated his Thursday assessments of MGM and Caesars Entertainment Inc. that included an estimate that MGM could take a 10 percent to 20 percent hit on revenue and cash flow “for the days that the current conditions exist.”

MGM on Sunday entered its second week of operations after a cybersecurity breach. Jefferies analysts say MGM generates about $42 million in revenue and $8 million in cash flow daily companywide.

Revenue is the amount of money generated through sales and investments, while cash flow measures net cash and cash equivalents being transferred in and out of a company.

MGM officials on Sunday said there were no updates on the status of the company’s computer systems and no new information was posted on the company’s “frequently asked questions” internet page that launched early Friday.

But there was no shortage of complaints from people about the situation.

There were scattered emailed reports from people around the country to the Review-Journal saying they were MGM employees who hadn’t been paid as of Friday. The company said Friday that payroll had been met as planned.

Others complained that there were no useful functions on the restored websites. Customers can still make reservations by calling a property directly or by using third-party booking apps.

A Review-Journal reporter dining at Babette’s Steakhouse at Park MGM said a waiter indicated the restaurant’s computer system was continually slowing because checks can’t be closed out. In addition, all food has to be ordered at one time because expense tabs can’t be reopened. There’s also no splitting checks within a party and no splitting of payment methods.

Slot machine winnings on machines in operation had to be paid manually by employees because some ticket in-ticket out systems weren’t functioning.

Uber and Lyft drivers contacted by the Review-Journal said MGM’s problems were a constant topic of frustration with their riders. Some said they waited a long time for employees to pay their slot-machine winnings.

Groceryshop 2023, a three-day, technology-meets-supermarket-brands convention with a projected attendance of 5,000, is scheduled to begin Tuesday. Representatives of Groceryshop 2023 did not respond to emails inquiring about the status of the show and whether they expected attendance to be affected by the cybersecurity problems experienced by MGM.

Brands like Kroger, Walmart, Albertson’s, Costco, Amazon, Kellogg, General Mills, Doordash, KraftHeinz, Coca-Cola and Pepsico are expected to be represented at the show.

Katz told investors in his Thursday and Sunday reports that damages from the cyberattack at MGM would be claimed against insurance, but it’s unclear just how much would be covered.

“The announcement by CZR (Caesars Entertainment, which reported a similar cyberattack in an SEC filing Thursday) and indications from MGM confirming the cyberattacks should be taken as one-time, largely insurable events that should not have long-lasting impacts on the businesses, assuming that the event is short-lived,” Katz wrote. “Our sense is that MGM’s impact could potentially be material but moderate near term, while CZR should see no meaningful impact and the question of whether any business is displaced among operators near term is fair.”

Katz said there were unconfirmed reports that Caesars paid around $15 million in ransom money to extortionists to regain control of its computerized systems in late August. But it’s unclear if MGM has considered paying any ransom money.

“Our impression is the Street’s presumption that CZR elected to pay a ransom while MGM did not may not be correct, according to our discussions with both management teams,” Katz wrote. “Nonetheless, given what we expect should be predominantly insurable events for all concerned should mitigate the impact to MGM if it turns out to be significant.

For the time being, it is not clear what the magnitude of the impact is to MGM and the degree of insurance coverage it will have or the duration of the event.”

Katz said he believes MGM will continue operations.

“Our impression of the impact to MGM is that business remains operable and credit card use is possible, albeit manual, while more transactions are cash-based than usual,” he said.

Contact Richard N. Velotta at rvelotta@reviewjournal.com. Follow @RickVelotta on X. Review-Journal reporter Sabrina Schnur contributed to this report.

.....We hope you appreciate our content. Subscribe Today to continue reading this story, and all of our stories.
Subscribe now and enjoy unlimited access!
Unlimited Digital Access
99¢ per month for the first 2 months
Exit mobile version