Teen Hacker Linked to MGM, Caesars Security Breach Turns Himself In

A teenage male has been arrested for his alleged involvement in the high-profile 2023 cyberattacks on MGM Resorts and Caesars Entertainment; breaches that crippled Las Vegas casino operations, exposed sensitive customer data, and led to losses surpassing $100 million.

The suspect turned himself in to the Clark County Juvenile Detention Center on September 17, 2025, and now faces multiple charges, including extortion, conspiracy, and misuse of personal identifying information.

Investigators have linked the teen to “Scattered Spider,” a decentralized cybercriminal group known for targeting major corporations using social engineering and SIM-swapping attacks. The breach, which began with a convincing impersonation over a LinkedIn-aided phone call, forced MGM to shut down internal systems across multiple properties.

Caesars reportedly paid a ransom to mitigate disruption, while MGM endured weeks of outages and financial losses.

Authorities are now pushing to try the teen as an adult.

Why It Matters: The teen’s arrest is part of a broader effort to dismantle Scattered Spider, a cybercrime collective that has grown increasingly aggressive and effective. The case highlights the vulnerability of high-revenue sectors, such as hospitality and gaming, to low-cost, high-impact social engineering attacks. It also raises deeper concerns about how rapidly young individuals are being recruited or influenced into sophisticated digital crime rings, often before they reach adulthood.

• Teen Suspect in Custody, Faces Adult Charges: On September 17, 2025, a teenage male voluntarily surrendered to Las Vegas authorities and was charged with multiple felonies, including extortion and unauthorized use of personal data. The Clark County DA’s office has announced plans to pursue adult prosecution due to the gravity of the offenses.

• Social Engineering Breach Disrupted MGM’s Operations: The 2023 breach exploited a low-tech but effective tactic: the impersonation of an MGM Grand employee via LinkedIn, followed by a password reset request over the phone. Within 10 minutes, the attackers gained control of MGM’s internal systems, leading to disabled slot machines, failed reservations, locked hotel rooms, and delayed payroll across properties like Bellagio, Luxor, and Excalibur.

• Scattered Spider and Its International Footprint: The suspect is believed to be part of Scattered Spider (also known as Octo Tempest, UNC3944, and 0ktapus), a collective associated with numerous breaches across North America and Europe. Recent arrests in the U.K. and U.S. point to a growing law enforcement crackdown. The group, active since at least 2022, is known for combining phishing, SIM-swapping, and ransomware to extract large ransoms from corporations.

• Ransom Paid by Caesars, MGM Declined and Suffered Heavier Losses: Caesars allegedly paid a ransom of $15 million after hackers accessed personal data from their loyalty program, including Social Security numbers and driver’s license info. MGM refused to pay, resulting in prolonged system outages and losses totaling approximately $110 million, per SEC filings.

• Implications for Cybersecurity in the Hospitality Sector: With casinos, hotels, and entertainment venues increasingly reliant on digital infrastructure, this incident underscores critical weaknesses in cyber defense. The attacks exposed sensitive customer data and disrupted operations on a massive scale. Experts warn that companies must shift from reactive to proactive cybersecurity strategies, especially those managing vast networks and customer databases.

Go Deeper -> Teen arrested in 2023 cyberattack on Strip casinos – Fox5 Vegas

MGM Resorts’ Cybersecurity Woes Continue: An In-depth Look at the Latest Breach – The National CIO Review

‘Sophisticated’ $100M cyberattack on Vegas Strip involved teen hacker – Yahoo! News

Teenage Scattered Spider Suspect Arrested in Las Vegas – Bank Info Security