Scattered Spider made headlines in 2023 with successful ransomware attacks against two prominent casino and entertainment companies, Caesars and MGM Resorts. Caesars opted to pay a $15 million ransom to regain access to its data, while MGM Resorts suffered a 10-day disruption of critical computer systems, extensive customer data exfiltration, and an overall estimated financial impact of $100 million. The MGM Resorts breach is illustrative of the techniques the group uses to defeat modern multi-factor authentication (MFA) controls. The group reportedly researched the company’s privileged users using public data sources like social networks and used this information to impersonate them in calls to the IT help desk. Eventually, they were successful in tricking the company into performing a password reset. Once in, they unleashed ALPHV/BlackCat ransomware across the company’s critical systems, wreaking havoc on business operations and customer experience.