130 views 2 mins 0 comments

FTC Defends Investigation Into Cyberattack on MGM as Casino Giant Seeks to Block Probe

In Legal News, Data Breach News
June 27, 2024

Occasionally, a business giant with the funds to fight the government will challenge a federal agency’s enforcement action. This time, it is MGM taking on the FTC. Law.com reports:

The Federal Trade Commission this week defended its investigation of MGM Resort International’s data security practices as the Las Vegas-based casino is seeking a court order to block the agency’s probe. 

Following a cyberattack that disclosed the personal information MGM guests in September, the FTC issued a civil investigative demand (CID) in January, seeking information regarding the company’s security, cyber risk management and identity theft prevention measures. The agency also requested detailed information about the September cyberattack. 

MGM responded by petitioning the agency to limit or halt its investigation. The company also asked the FTC to disqualify Chair Lina Khan from participating in the inquiry as she was staying at the hotel during the cyberattack.

When the FTC denied the petition, MGM filed suit in the U.S. District Court for the District of Columbia, claiming the agency’s investigation exceeds its authority and that the Federal Bureau of Investigation was already on the job.

Read more at Law.com.

The case is MGM Resorts International v. Federal Trade Commission et al, case number 1:2024cv01066. A copy of the complaint is freely available via Recap.

The docket indicates that the FTC’s motion to dismiss was filed on June 25 and the court granted a joint motion to extend the deadlines for replying to the motion. MGM has until August 7 to file its opposition to the motion to dismiss, and then the FTC will have until September 6 to file any reply in support of their motion to dismiss.

Previous coverage of the MGM breach and FTC litigation can be found here.