MGM Resorts Data Breach Settlement: Are You Eligible for Compensation?

MGM Resorts International has announced a $45 million settlement to resolve a class-action lawsuit stemming from two data breaches that compromised the private information of its customers and guests. The breaches, which occurred in July 2019 and September 2023, exposed sensitive data, leaving potentially millions of individuals vulnerable to identity theft and other related harms.

If you stayed at an MGM Resorts property during the relevant periods, you might be entitled to a portion of this settlement. This article provides a comprehensive overview of the settlement, including who is eligible, what types of information were exposed, how to file a claim, and important deadlines to keep in mind.

Understanding the Data Breaches

The two data breaches that led to the settlement involved unauthorized access to MGM Resorts’ computer systems. The July 2019 breach exposed the personal information of over 10.6 million guests. While the specific details of the September 2023 breach are less clear, it is believed to have affected a significant number of additional customers.

The types of personal information compromised in these breaches varied but included:

• Names
• Addresses
• Telephone Numbers
• Email Addresses
• Dates of Birth
• Driver’s License Numbers (for some individuals)
• Passport Numbers (for some individuals)
• Social Security Numbers (for some individuals)
• Military Identification Numbers (for some individuals)

The exposure of such sensitive information can have serious consequences for affected individuals. It increases the risk of identity theft, financial fraud, and other forms of harm.

Who is Eligible for the Settlement?

You are likely a member of the settlement class if you were a customer or guest of MGM Resorts and your personal information was compromised in either the July 2019 or September 2023 data breach. The settlement website provides a more detailed definition of the class, but generally, if you received a notice about the settlement, you are likely a member.

If you are unsure whether you are a member of the settlement class, you can visit the settlement website or contact the settlement administrator for more information.

What Does the Settlement Provide?

The $45 million settlement aims to compensate class members for the damages they suffered as a result of the data breaches. The settlement provides several benefits to eligible individuals:

• Reimbursement for Out-of-Pocket Losses: Settlement members can file claims for reimbursement of out-of-pocket expenses incurred as a result of the data breaches. These expenses may include costs associated with:
  • Identity theft protection services
  • Credit monitoring services
  • Fraud alerts
  • Unreimbursed bank fees
  • Costs associated with addressing identity theft or fraud
• Compensation for Time Spent Addressing the Breach: Class members can also claim compensation for the time they spent dealing with issues related to the data breaches. This could include time spent:
  • Monitoring credit reports
  • Contacting financial institutions
  • Reporting identity theft
  • Taking other steps to protect themselves from harm
• Statutory Damages: In certain circumstances, settlement members may be eligible for statutory damages, which are payments intended to compensate for the violation of their privacy rights.
• Credit Monitoring and Identity Theft Protection Services: As part of the settlement, MGM Resorts may provide credit monitoring and identity theft protection services to class members for a certain period.

The amount of money each individual receives will depend on the nature and extent of their losses, as well as the total number of valid claims filed. The settlement administrator will review all claims and determine the appropriate amount of compensation for each class member. The maximum amount that can be claimed for out-of-pocket losses is $15,000.

How to File a Claim

To receive compensation from the settlement, you must file a claim by the deadline. The claim process is relatively straightforward:

1. Visit the Settlement Website: The official settlement website provides all the information you need to file a claim. You can find the website address in the notice you received or by searching online for "MGM Resorts Data Breach Settlement."
2. Review the Claim Form: The website contains a claim form that you must complete and submit. The form will ask for information about your stay at MGM Resorts, the types of personal information that were exposed, and the losses you incurred as a result of the data breaches.
3. Gather Supporting Documentation: To support your claim, you will need to provide documentation of your out-of-pocket losses and the time you spent addressing the breaches. This documentation may include receipts, bank statements, credit card statements, and other relevant records.
4. Submit the Claim Form: You can submit the claim form online through the settlement website. You can also print the form and mail it to the settlement administrator at the address provided on the website.

Important Dates and Deadlines:

• Claim Deadline: All claims must be submitted online or postmarked on or before June 3.
• Opt-Out Deadline: If you want to exclude yourself from the settlement, you must submit a request to opt-out by May 19.
• Objection Deadline: If you want to object to the terms of the settlement, you must submit your objection by May 19.
• Final Approval Hearing: The court will hold a final approval hearing on June 18 to determine whether to approve the settlement.

Opting Out or Objecting to the Settlement

If you do not want to participate in the settlement, you have the option to opt-out. This means that you will not receive any compensation from the settlement, but you will also retain the right to sue MGM Resorts independently for damages related to the data breaches.

To opt-out of the settlement, you must submit a written request to the settlement administrator by the opt-out deadline. The request must include your name, address, and a clear statement that you want to be excluded from the settlement.

If you disagree with the terms of the settlement, you can object to it. To object, you must submit a written objection to the court by the objection deadline. The objection must state the reasons why you believe the settlement is unfair, unreasonable, or inadequate.

What Happens Next?

After the claim deadline passes, the settlement administrator will review all valid claims and determine the amount of compensation each class member is entitled to receive. The administrator will then distribute the settlement funds to eligible class members. The exact timing of the payments will depend on the number of claims filed and the complexity of the distribution process.

The final approval hearing is scheduled for June 18. At this hearing, the court will decide whether to approve the settlement. If the court approves the settlement, it will become binding on all class members who did not opt-out.

Protecting Yourself from Identity Theft

Regardless of whether you participate in the settlement, it is important to take steps to protect yourself from identity theft. Some steps you can take include:

• Monitor your credit reports regularly: You are entitled to a free credit report from each of the three major credit bureaus (Equifax, Experian, and TransUnion) once a year. You can order your free credit reports online at AnnualCreditReport.com.
• Place a fraud alert on your credit file: A fraud alert will make it more difficult for someone to open new accounts in your name. You can place a fraud alert by contacting any of the three major credit bureaus.
• Consider a credit freeze: A credit freeze will prevent anyone from accessing your credit report without your permission. This is the most effective way to prevent identity theft, but it can also make it more difficult to apply for credit.
• Be cautious of phishing scams: Be wary of emails, phone calls, or text messages that ask for your personal information. Legitimate companies will never ask for sensitive information in this way.
• Review your bank and credit card statements regularly: Look for any unauthorized transactions. If you see something suspicious, report it to your bank or credit card company immediately.

Stay Informed

The MGM Resorts data breach settlement is a complex legal matter. It is important to stay informed about the settlement and your rights. Visit the settlement website regularly for updates and information. If you have any questions, contact the settlement administrator or consult with an attorney.

By taking the necessary steps, you can protect yourself from the potential harms of the data breaches and ensure that you receive the compensation you are entitled to. Remember to file your claim before the June 3 deadline. This settlement offers a chance to recoup financial losses and receive compensation for the inconvenience and worry caused by the security lapses at MGM Resorts.