A teenager may be responsible for a ransomware attack that occurred in Las Vegas last year. An unidentified 17-year-old from the town of Walsall who allegedly shut down the resort and casino on the Las Vegas Strip last year was arrested Thursday in England, it has been confirmed.
The teenager was arrested on suspicion of blackmail and violating the UK's Computer Misuse Act. He was released on bail, according to a statement from the police department.
Police officers tracked down the teenage suspect as part of a joint investigation with the UK's National Crime Agency and the FBI. The police department said they recovered evidence at the teenager's address, including “a number of digital devices which will undergo forensic examination.”
The statement also said the teen was part of a “global online cybercrime group,” but did not specify which group. The ALPHV/BlackCat ransomware group announced responsibility for the attack. The attack occurred on September 12, 2023, allegedly with a simple 10-minute phone call to a help desk employee using information obtained from LinkedIn. The group has also claimed responsibility for a similar ransomware attack on the beauty brand .
“All the ALPHV ransomware group did to compromise MGM Resorts was log into LinkedIn, find an employee, and then call support,” the organization wrote in a post on x.
The MGM Resorts system shutdown lasted 10 days and caused a massive outage across all of its casinos on the Las Vegas Strip. It later emerged that other casinos such as Caesars were also targeted by a different group, but decided to pay the hackers tens of millions of dollars to prevent private company data from being published.